Authentication protocols that DO support hashed passwords
ktm at rice.edu
ktm at rice.edu
Mon Nov 10 20:27:30 CET 2014
On Mon, Nov 10, 2014 at 09:18:15PM +0200, E.S. Rosenberg wrote:
> ...
> To me (someone who has been doing systemadmin/network admin/(web)
> development work) it seems like the most obvious thing in the world
> that I don't want my users passwords to be stored anywhere where
> me/any of my co-workers can get to them in cleartext and since root
> can get everywhere that means cleartext passwords belong nowhere.
>
> Now I may be naive or have never tried to develop an AUTH protocol, so
> I am just very curious what the arguments are to store cleartext?
> Regards and thanks for the quick reply,
> Eli
Kerberos works well and does not require that cleartext passwords be
stored on the server.
Regards,
Ken
More information about the Freeradius-Users
mailing list