Authentication protocols that DO support hashed passwords
E.S. Rosenberg
esr+freeradius-users at mail.hebrew.edu
Mon Nov 10 20:01:25 CET 2014
Hi all,
I was doing some research into the authentication protocol used by a
VPN solution we are trying and cam across this fairly old thread on
your list:
http://freeradius.1045715.n5.nabble.com/Chap-auhtentication-against-LDAP-td2781170.html
Which in turn links to a nice page by Alan DeKok here:
http://deployingradius.com/documents/protocols/compatibility.html
Which left me asking myself 2 questions:
1. Did anything change in the past 5 years, is there any decently
supported protocol that does support hashed passwords (other then
PAP)?
2. How can it be that all these protocols were designed with the idea
that the auth server should have a cleartext copy of the users'
password, haven't we all known for years now that that's a bad idea?
Thanks in advance,
Eli
More information about the Freeradius-Users
mailing list