Issue with MSCHAP

Phil Mayers p.mayers at imperial.ac.uk
Sun Nov 4 22:38:30 CET 2012


Your only choices are outlined at the url you were given I'm afraid - store the cleartext or nt hash of the password, which will entail a password change (or capture); or switch to eap-ttls/pap.

This is a property of the cryptographic aspects of the algorithms in question and can't be worked around. 

Ryan Summey <ryan.summey at gmail.com> wrote:

>So how do we secure the user accounts in the database?
>

-- 
Sent from my mobile device, please excuse brevity and typos.


More information about the Freeradius-Users mailing list