Secure Storage and Transport of User Credentials

alan buxey A.L.M.Buxey at
Wed Jul 11 14:21:47 CEST 2012


>    is there a way to securely transport and store the Username/Password with
>    freeradius?
>    If I am informed correctly, you can use PEAP to ensure that the data is
>    encrypted but the most supported PEAP mode is with MSCHAPv2 which implies
>    that the passwords are stored in clear text or NT-Hash.

....PEAP will securely transport things - as with MSCHAPv2 the password is never sent.

whether the passwords are stored in plain/nt-has format is down to how you are doing things..
if they are stored in AD then they are not stored in a plain format.


More information about the Freeradius-Users mailing list