Password Hashed + Salted before authentication with an embedded script

Alan DeKok aland at deployingradius.com
Fri Jan 9 17:38:49 CET 2015


On Jan 9, 2015, at 10:54 AM, Robert Graham <robert_graham at uhaul.com> wrote:
> Ia there a way to embed a python script into freeradius 3 to hash and salt the users password before authenticating to the MS SQL database…

  Yes.  But you don’t want to do it.

> We have a USERNAME HASHEDPASSWORD SALT column in our database. I want to be able to compare the two passwords that are both hased before allowing the user to connect...

  FreeRADIUS is an authentication server.  It can handle hashed passwords.

  What format are the hashed passwords using?

  You should be able to configure FreeRADIUS to read the passwords from SQL, and then do the authentication itself.  That will be a LOT simpler and faster than writing a python script.

  Alan DeKok.



More information about the Freeradius-Users mailing list