NTLM hashed passwords.

Dom Latter freeradius-users at latter.org
Fri Jul 15 17:34:30 CEST 2016


Hi all,

for a couple of years now we have been using freeradius to support
a Wifi network.  We are using WPA2-Enterprise.  We need to support
clients running any and every operating system.

Currently we store passwords as plain text in a "radcheck" table
in the database.

I am experimenting with replacing "User-Password" (yes, I know it
should be "Cleartext-Password") with an "NT-Password" generated by
smbencrypt.

So far it seems mostly okay with Windows, Android, iOS and MacOS.
And Linux.

Are there any pitfalls or gotchas to watch out for?  Any
systems that only do MSCHAPv1 (which I believe requires
the plain text password).

thanks

dom


More information about the Freeradius-Users mailing list