freeradius security

Alan DeKok aland at
Tue Jun 17 10:25:06 CEST 2008

Zahra Bahar wrote:
> I mean in this connections using PAP, user-password is
> clear-txt.

  No.  It's encrypted when it's sent over the network in RADIUS, and if
you use SSL to talk to LDAP, it's encrypted there, too.

> (using chap makes ldap server not to use  encryption
> passwords in DS therefore I want to use PAP). isn't it unsecure? 


  Alan DeKok.

More information about the Freeradius-Users mailing list