Support for PEAP-Mschapv2 and PEAP-GTC simultaneously?
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Wed Jun 20 09:38:26 CEST 2007
Colleen C. Morrissey wrote:
> Hi,
>
>
>
>> Why? If you have the clear-text password on the server, you can just
>> compare the two. There's no need to configure rlm_pap to do the NT hash.
>>
>>
>
> I don't have the clear text password. Your original reply said this
> would work with clear text password or nt hash. I have the NT hash
> and/or I can get the SHA1 base 64 encoded password (which was working
> with gtc by itself). Can I get pap/gtc to work with the NT hash password?
> I don't manage the ldap service so getting the clear text password will
> not be easy and may not be possible organizationally. Thanks.
>
>
>
I know SHA1 will definitely work, as will NT but you will have to use
the PAP module.
The nt hash should be written into the check item NT-Password, I think
sha is SHA-Password.
If your using LDAP just enable auto header and it'll figure it out for
you :) , if you do use NT password be sure the FreeRADIUS <-> LDAP nt
hash password attribute mapping is correct.
More information about the Freeradius-Users
mailing list