password encoding flavours
Alan DeKok
aland at deployingradius.com
Mon Apr 16 14:47:33 CEST 2007
Stefan Winter wrote:
> User-Password := something => Cleartext-Password := something
> Crypt-Password := unixcrypt => Crypt-Password := unixcrypt
Yes.
> Crypt-Password := $1$somethingveryweird => SMD5-Password := somethingveryweird
>
> (stripping the header, and $1$ meands MD5 with 12-character salt, right?)
If you want. I don't think it's necessary, though.
> Crypt-Password := $2a$somethingveryweirdandevenlonger => ????-Password :=
> somethingveryweirdandevenlonger
>
> (no clue here... read that $2a$ is a Blowfish crypt, but there is no
> Blowfish-Password attribute, but apparently right now with 1.1.3 it works
> anyway?)
Because the "crypt" support on your system interprets it, and Does The
Right Thing.
If the crypt function on your system *didn't* support SMD5 passwords,
you would have to make FreeRADIUS know about SMD5. As it is, I'll bet
if you just leave all of the Crypt-Password entries alone, they should
all work.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list