Re: Help: PAP with Sha1
vishal_nitr
vishal_nitr at rediffmail.com
Fri Apr 20 14:01:09 CEST 2012
Thanks for the mail Alan. I don't agree with your comment that it is *not* RADIUS if we choose SHA1 over MD5. RADIUS supports SHA1 hashed user-password attribute. Following link confirms it.http://freeradius.org/radiusd/man/rlm_pap.txt.Please have a look.
Thanks and Regards,
Vishal Kotalwar,
Bangalore-35.
09900055647.
From: Alan DeKok <aland at deployingradius.com>
Sent: Fri, 20 Apr 2012 17:07:45
To: vishal_nitr at rediffmail.com, FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: Help: PAP with Sha1
vishal_nitr wrote:
> I am using free-radius-2.1.12. My requirement is to change
> algorithms used in my project to FIPS complaint ones.
That is changing the RADIUS protocol. It won't be compatible with any
other RADIUS system on the planet. Changing the protocol is not a good
idea.
> I see that radius
> uses MD5 for encoding/decoding passwords. I am using PAP authentication.
> In my radius client I changed encoding to SHA1; due to which radius
> started rejecting auth requests saying password mismatch from rlm_pap
> which is obvious.
> I tried changing few things in lib/radius.c to SHA1 but with no success.
This list isn't the place to ask questions about coding. It's for
questions related to configuring FreeRADIUS.
Coding questions normally belong on the freeradius-devel list.
However, because you're *not* using RADIUS, your coding questions don't
belong there.
We can't help you change RADIUS. I suggest debugging the program
yourself. Standard C skills will help here.
Alan DeKok.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120420/bfd74a0a/attachment.html>
More information about the Freeradius-Users
mailing list