How to tell freeradius of the encryption used in DB
det.explorer at yahoo.com
det.explorer at yahoo.com
Wed Aug 17 17:00:36 CEST 2011
Fajar thanks for the reply. I checked the freeradius attribute list, there is no md5-password. Should i need to add it? If yes how to add that attribute?
http://freeradius.org/rfc/attributes.html
I didn't touch freeradius config on the auth protocols. I suppose, by default freeradius is set to accept all auth protocols? Do i need to say in the config use PAP exclusively?
Thanks,
Det
On Aug 17, 2011, at 9:56 PM, "Fajar A. Nugraha" <list at fajar.net> wrote:
> On Wed, Aug 17, 2011 at 8:50 PM, det.explorer at yahoo.com
> <det.explorer at yahoo.com> wrote:
>> Hi,
>>
>> I am testing freeradius. I use dialup admin and mysql to add users, which is configured to store passwords in md5. The attribute is User-Password.
>
> Use MD5-Password attribute instead
>
>> Used radtest for testing, but seems radtest is only able to recognize cleartext password.
>
> radtest (and other NAS client, for that matter) doesn't really care
> how radius store user passwords.
>
> However, for freeradius to succesfully authenticate the user, the
> password encryption/hash method must ne compatible with the
> authentication method used. If you use PAP then you can store user
> password in any encryption/hash method supported by freeradius (MD5,
> crypt, NT-hash, etc).
>
>> How to tell freeradius that passwords are in md5?
>
> Store it as MD5-Password.
>
> As an alternative, you MIGHT be able to use auto_header (and change
> what's stored in User-Password attribute). See
> http://wiki.freeradius.org/Rlm_pap
>
>> Should i need to use other client aside from radtest?
>
> It won't really matter
>
> --
> Fajar
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list