FreeRADIUS without Universal Password
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Thu Feb 5 17:52:36 CET 2009
Hi,
> I had to ask, I have people telling me that this is a limitation of only
> FreeRADIUS and not all RADIUS servers in general. There is a concern
> that the UP is being stored in clear text in Novell and we need to turn
> off that service and only use simple password. Since I am no Novell
> admin I really do not have a clue if we can encrypt the UP that is stored
> on the server or what other implications there are in turning off UP.
you *might& be able to encrypt it - it'll still have to be in the same
place etc - then you might be able to use the auto-handle features
of FreeRADIUS for it to decrypt the password to something suitable.
never tried, but sounds feasible. the record would/may(?) have to
start with the encryption flavour used eg {SHA256} or somesuch
alan
More information about the Freeradius-Users
mailing list