Salted SHA512

Nathan Ward lists+freeradius at
Tue Sep 6 03:57:27 CEST 2016

> On 6/09/2016, at 11:54, Laurens Vets <laurens at> wrote:
> On 2016-09-05 06:03, Alan DeKok wrote:
>> On Sep 4, 2016, at 7:36 PM, Laurens Vets <laurens at> wrote:
>>> Hmm, not sure where to look. It seems both OpenVPN and StrongSwan send EAP requests to FreeRADIUS, but from when I can see, EAP only supports MD5 and Crypt?
>>  EAP just carries authentication data. There are multiple kinds of
>> authentication types within EAP.
>>> Does that mean I should change it to PAP instead of EAP?
>>  You won't be able to.
>>> The goal is to have OpenVPN and StrongSwan authenticate users with FreeRADIUS and have their password encrypted in the radius database.
>>  It may be possible.  It might not be possible.
> It seems changing "default_eap_type = md5" to "default_eap_type = gtc" in "/etc/freeradius/mods-enabled/eap" works. I'm now using attribute "SSHA-Password" with a hash generated with the perl script "" from "FreeRADIUS Beginner's Guide". This works.
> I'm now trying to convert this to "SSHA2-512-Password", but I cannot seem to generate the correct password hash... I've tried to use "mkpasswd" from the whois tools, passlib Python libary, hashlib Python library, ...
> This brings me back to my initial question, does anyone here have a tool that generates the correct "SSHA2-512-Password" (Salted SHA512) for FreeRadius so I can double-check what I might be doing wrong?


(1) pap: ERROR: "known-good" SSHA2-512-Password has incorrect length, got 64 bytes, need at least 65 bytes

Your DB comes back with:
(1) sql:   SSHA2-512-Password := 0x61363138336661396262643730366336373331616366343165393231386339616239343836376234623333376533643666616432393032376135363661353765393134666334633832613763356665376662376231393435663539633863333731353164656230663765663563643361616235

This is 115 bytes, which seems odd as this should be hex. What is your salt?

I note that your two different values for SSHA2-512-Password are treated differently by FreeRADIUS despite being the same length string in the debug output:
(1) pap: Normalizing SSHA2-512-Password from hex encoding, 128 bytes -> 64 bytes
(1) pap: Normalizing SSHA2-512-Password from hex encoding, 192 bytes -> 96 bytes

Not sure why this happens - I don’t see 128 or 192 bytes anywhere. It’s not clear to me why the 115 bytes above are treated as 128 or 192 bytes. The hex checking looks for an even length string.
Unless.. is this being trimmed in the debug output? Can you show the actual values in your database?

Have you tried this?

Nathan Ward

More information about the Freeradius-Users mailing list