FR and PEAP question

Nicolas Goutte nicolas.goutte at extragroup.de
Mon May 26 16:05:38 CEST 2008 

Am 26.05.2008 um 16:00 schrieb Nicolas Goutte:

>
> Am 26.05.2008 um 15:41 schrieb Matt Ashfield:
>
>> Hi,
>>
>>
>>
>> We’re looking into using PEAP with MSChapV2,  instead of PAP  
>> (don’t want to use the SecureW2 client anymore) so are  
>> investigating ways to store the password in LDAP.
>>
>>
>>
>> According to http://deployingradius.com/documents/protocols/ 
>> compatibility.html ,the options are storing the password in Clear- 
>> Text or in an NT Hash (ntlm_auth).
>>
>>
>>
>> In talking with our LDAP people, I was told the following:
>>
>> SunOne does not support nt-hash passwords. Supported formats are  
>> CLEAR, CRYPT, DES, NS-MTA-MD5 (Netscape MD5), SHA, and SSHA.
>>
>> Fedora Directory Server 1.1.0 supports CLEAR, CRYPT, DES, MD5, NS- 
>> MTA-MD5, SHA, SHA256, SHA384, SHA512, SSHA, SSHA256, SSHA384, and  
>> SSHA512.
>>
>>
>>
>>
>>
>> It sounds to me like if we want to do PEAP/MSChapV2 we’d have to  
>> store the password in cleartext? I would just like to verify this  
>> via this list.
>>
>
> Yes, not any of the formats is NT Hash.
>
> (NT Hash is the MD4 hash of the UTF-16LE encoding of the password.)

I have forgotten: as NT-Hash under Linux is "handled" by Samba, you  
should check in that direction too, e.g. smbpasswd.

>
>>
>>
>> Any advice is appreciated.
>>
>>
>>
>> Thanks
>>
>
> Have a nice day!
>
>>
>>
>> Matt
>>
>> mda at unb.ca
>>
>>
>>
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/ 
>> list/users.html
>
> Nicolas Goutte
>
>
> extragroup GmbH - Karlsruhe
> Waldstr. 49
> 76133 Karlsruhe
> Germany
>
> Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
> Registergericht: Amtsgericht Münster / HRB: 5624
> Steuer Nr.: 337/5903/0421 / UstID: DE 204607841
>
>
>

Nicolas Goutte


extragroup GmbH - Karlsruhe
Waldstr. 49
76133 Karlsruhe
Germany

Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
Registergericht: Amtsgericht Münster / HRB: 5624
Steuer Nr.: 337/5903/0421 / UstID: DE 204607841



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080526/9b09abbb/attachment.html>

More information about the Freeradius-Users mailing list