help.. MD5 with PAP
Alan DeKok
aland at deployingradius.com
Wed Feb 13 15:19:58 CET 2008
cengiz coþkun wrote:
> Hi,
> I have configured freeradius 2.0.0 EAP-ttls and
> configured a mysql db to store the users.
> It was working fine until i recently decided to
> convert the database-stored passwords to md5
> encryption.
Store the passwords as "MD5-Password". See "man rlm_pap".
You do NOT need to edit anything in the default configuration.
> Auth-Type md5 {
> pap
This is not necessary. Delete it.
> pap {
> encryption_scheme = md5
> authtype = md5
> auto_header = yes
Did you even read the comments in radiusd.conf for the "pap" module?
The "encryption_scheme" should *not* be used in 2.0, and it is *not*
documented as a working configuration.
-+----------------------+----------------+----+----------------------------------+----------------------+
> | 90 | t1 | Crypt-Password | := |
> 83f1535f99ab0bf4e9d02dfd85d3e3f7 | cengiz
Read "man rlm_pap". Really, it explains almost everything...
> and the following in radgroupcheck table.
> +----+-----------+--------------+----+-------------+
> | id | groupname | attribute | op | value |
> +----+-----------+--------------+----+-------------+
> | 1 | dynamic | Auth-Type | := | MD5 |
Delete that entry. It's wrong.
Alan DeKok.
More information about the Freeradius-Users
mailing list