Secure Storage and Transport of User Credentials
alan buxey
A.L.M.Buxey at lboro.ac.uk
Wed Jul 11 14:21:47 CEST 2012
Hi,
> is there a way to securely transport and store the Username/Password with
> freeradius?
> If I am informed correctly, you can use PEAP to ensure that the data is
> encrypted but the most supported PEAP mode is with MSCHAPv2 which implies
> that the passwords are stored in clear text or NT-Hash.
....PEAP will securely transport things - as with MSCHAPv2 the password is never sent.
whether the passwords are stored in plain/nt-has format is down to how you are doing things..
if they are stored in AD then they are not stored in a plain format.
alan
More information about the Freeradius-Users
mailing list