pptpd+freeradius+ldap: which password encryption can I use?
Alan DeKok
aland at deployingradius.com
Tue Apr 30 14:33:52 CEST 2013
Alberto Aldrigo wrote:
> I'm trying to setup a PPTPD server which would authenticate users using
> my openLDAP user database, in doing so I need freeradius.
> By now the only setup that actually works is: users in LDAP with clear
> text password.
What kind of authentication method is PPTPD using? You can tell by
looking at the FreeRADIUS debug log... which is suggested daily on this
list.
> Obviously I want to use some kind of encryption for passwords and I
> don't like the solution of using cleartext passwords and the use of a
> specific user allowed to access to the password attribute, so my
> question is: which other possibilities I have?
> Looking to this table
> http://deployingradius.com/documents/protocols/compatibility.html I
> understand that I can use pap + sha1 but I can't understand how. Can
> anyone help me understand what is possible and what not?
You're really asking the wrong question. If the only thing that works
is LDAP with clear-text passwords, then the authentication method
doesn't support encrypted passwords.
That's why the web page says it's *IMPOSSIBLE*. Because, well, it's
impossible. What other conclusion did you reach after reading that page?
Alan DeKok.
More information about the Freeradius-Users
mailing list