Secure Storage and Transport of User Credentials

alan buxey A.L.M.Buxey at
Wed Jul 11 14:49:49 CEST 2012

>    The problem is, that I do not trust the network and I don't want to store
>    the password in plain.
>    Also, isn't the NT Hash insecure beacuse it is easily cracked? Or am i
>    mixing things up?

if you dont trust the network then you will also need to looking at using TLS to transport
things around - eg RADSEC or a VPN tunnel.

as for NT hash - yes, there are security issues but only if you have access to them
or expose them - if you bind the FreeRADIUS system to an AD and use eg ntlm_auth then the NThash
isnt accessed.


More information about the Freeradius-Users mailing list