Basic problem about radius client secret

Alan DeKok aland at
Wed Sep 2 17:26:32 CEST 2015

On Sep 2, 2015, at 11:24 AM, Timmy <moonyhk at> wrote:
> When we talk about freeradius client, it will include a string of
> characters called secret.  Is this sting an encryption key string or a
> password for the connection?

  It is a secret "token" shared by both the client and the server.  That's the simplest explanation.

  Thinking of it as a password or encryption key is wrong.

>  What should be the appropriate length of
> this sting?

  For secure systems, at least 16 bytes, taken from a random number generator.

  Alan DeKok.

More information about the Freeradius-Users mailing list