Freeradius + EAP-TLS + LDAP

Phil Mayers p.mayers at imperial.ac.uk
Tue Apr 19 17:15:37 CEST 2011


On 19/04/11 15:24, Sven Hartge wrote:
> Alexandros Gougousoudis<gougousoudis-list at servicecenter-khs.de>  wrote:
>
>> The users should be checked by uid and the password should be checked,
>> but I have of course no cleartext-password in my LDAP, they are all
>> crypt or MD5 (depends on tree).
>
>> Is this possible or not?
>
> No, impossible.
>
> If you want to use LDAP to authenticate your users, you _need_ a
> cleartext password somewhere.

Hang on - the OP said he wanted to do EAP-TLS.

For EAP-TLS there is no inner-auth, and no passwords.



More information about the Freeradius-Users mailing list