FR + EAP-GTC + LDAP (SHA1)

Alan DeKok aland at deployingradius.com
Thu May 21 16:21:27 CEST 2015


On May 21, 2015, at 9:22 AM, gabriel_skupien <gabriel_skupien at o2.pl> wrote:
> Not that easy to find out how all the things should be done :)
> 
> I put in the title that we store passwords in LDAP database hashed by SHA1. According to my knowledge, LDAP won't return the "known good" password. Is that correct?

  No.

  Perhaps I didn't explain that LDAP is a database?  And that FreeRADIUS should be able to read the "known good" password from LDAP?

  Should I say that again?

  LDAP is a database.  It supplies the "known good" password to FreeRADIUS.  Which FreeRADIUS uses for authentication.

  Is that sufficient to make you believe it?

  Alan DeKok.




More information about the Freeradius-Users mailing list