store encypted passwords

Ithoq Projosasmita ithoq at kendil.com
Wed Oct 10 10:28:54 CEST 2012


U should use crypt function on mysql when update crypt-password value
I.e: update radcheck set value=crypt('password') where
ATTRIBUTE='crypt-password' and USERNAME='foo';

Or maybe you mean stay plaintext is from debuged running freeradius? It
should be like that because pap auth, for make sure auth is using the
crypted password one just remove cleartext-password record for apropiate
user. I had use crypt password w ubuntu freeradius and workin good

Cmiiw and sorry for my bad english

Regards
Bandel
On Oct 9, 2012 9:10 PM, "jon jon" <free9360 at gmail.com> wrote:

> I was mixed up on what table I am talking about its the radcheck
> table. I was using navicat to set the attribute to Crypt-Password and
> refreshing the database. The password stayed in plain text.
>
> On Mon, Oct 8, 2012 at 4:29 PM, Matthias Nagel
> <matthias.h.nagel at gmail.com> wrote:
> > Hello,
> >
> > first, please use the correct way of quoting for mailing list. This is
> to say, write your comments below the original text that it refers to. That
> way readers who pick up a thread later can follow more easily. But now back
> to topic.
> >
> > Am Montag 08 Oktober 2012, 16:17:52 schrieb jon jon:
> >> On Mon, Oct 8, 2012 at 4:02 PM, Matthias Nagel
> >> <matthias.h.nagel at gmail.com> wrote:
> >>> Hello,
> >>>
> >>>> I have set up FreeRADIUS Version 2.1.10 on an Ubuntu server 12.04,
> >>>> Mysql Server version: 5.5.24. Everything is up and running but the
> >>>> users passwords are stored in plain text in raddacct. I tried changing
> >>>> the attribute to Crypt-Password but it doesn't change anything.
> >>>
> >>> What do you mean by "doesn't change anything"? If you have changed the
> attribute name to "Crypt-Password" and you also modified the attribute's
> value accordingly, what do you expect? If it still works, then be happy.
> >>
> >> doesn't change anything = password is still showing as plain text. What
> do mean by " modified the attribute's value accordingly"?
> >
> > You wrote that you changed clear text passwords to crypt-passwords. This
> means to me you updated your database, hence your database does not show
> clear text passwords anymore. What exactly did you do, when you changed
> from clear text to crypt-passwords?
> >
> > I assumed to did something like this:
> >
> > UPDATE radcheck set attribute = 'Crypt-Password', value =
> SOME_FANCY_CONVERT_FUNCTION( value ) WHERE some_senseful_condition_here;
> >
> > Anyway, I now notice that you were speaking of "radacct". This table is
> not to show any password at all.
> >
> >>>
> >>>
> >>>> Do I
> >>>> need to make a change to a config file also? Not sure what type of
> >>>> encryption would be best one that works MD5?
> >>>
> >>> For a copatibilty of password encryption schemes and protocols, see
> here:
> >>> http://deployingradius.com/documents/protocols/compatibility.html
> >>>
> >>>> Thanks,
> >>>
> >>> Matthias
> >
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121010/7a8cd2e9/attachment.html>


More information about the Freeradius-Users mailing list