Freeradius + EAP-TLS + LDAP
Sven Hartge
sven at svenhartge.de
Tue Apr 19 17:39:48 CEST 2011
Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> On 19/04/11 15:24, Sven Hartge wrote:
>> Alexandros Gougousoudis<gougousoudis-list at servicecenter-khs.de> wrote:
>>> The users should be checked by uid and the password should be
>>> checked, but I have of course no cleartext-password in my LDAP, they
>>> are all crypt or MD5 (depends on tree).
>>
>>> Is this possible or not?
>>
>> No, impossible.
>>
>> If you want to use LDAP to authenticate your users, you _need_ a
>> cleartext password somewhere.
> Hang on - the OP said he wanted to do EAP-TLS.
> For EAP-TLS there is no inner-auth, and no passwords.
Ah, yes. But he also wrote about checking the password.
EAP-TLS uses client certificates, no user password involved.
Grüße,
S°
--
Sigmentation fault. Core dumped.
More information about the Freeradius-Users
mailing list