Is tunnel right? (EAP-TTLS)
Sergio Belkin
sebelk at gmail.com
Thu Feb 14 13:49:35 CET 2008
2008/2/14, A.L.M.Buxey at lboro.ac.uk <A.L.M.Buxey at lboro.ac.uk>:
> Hi,
>
> > Sorry for insist on, but is right that in debug mode show the user
> > password, even using tunnel?
>
>
> yes - if the password is available is a clear format - eg not
> a challenge/response method. ALL passwords get printed in clear
> text.
>
> alan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
But, I don't understand, how can be shown it if password is encrypted
in LDAP and I am using EAP-TTLS, is not the password into the tunnel?.
I am using securew2 with PAP from windows clients. Does it mean that
password could be sniffed when radius is not running in debug mode??
Thanks in advance...
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
More information about the Freeradius-Users
mailing list