Authentication Problem
Matthew Newton
mcn4 at leicester.ac.uk
Tue Jan 13 12:07:47 CET 2015
On Mon, Jan 12, 2015 at 04:29:27PM -0700, Robert Graham wrote:
> This is what I have but yet I know it is incorrect. I dont want to use any
> groups, it is strictly for someone to logon to our vpn and wireless
> connections. The passwords are stored in SHA-512 with Salt and unicoding.
Just be aware that if your passwords are SHA-512 you're limiting
wireless authentication to something that involves PAP (e.g.
EAP/TTLS-PAP), which e.g Windows<8.0 doesn't support natively.
Then you're down to something like Arran suggested
in inner-tunnel authorize:
update control {
SHA2-Password := "%{sql:SELECT password FROM table WHERE ...}"
}
pap
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list