AES encrypted passwords
Dom Latter
freeradius-users at latter.org
Fri Sep 30 12:09:34 CEST 2016
On 29/09/16 17:57, Bogdan Rudas via Freeradius-Users wrote:
> Hello Dom,
>
> Why don't you go with EAP-TTLS+PAP ? Plain-text password transferred over
> TLS-secured channel let you use any hashing algorithm you want in your
As far as I can work out, out-of-the-box support for this protocol only
arrived for most things in about 2010. We'll have quite a lot of users
still using machines older than that. I suspect that for commercial
reasons, it's not an option. I can ask.
> database. Sure, you have to pay attention for proper device
> configuration with your CA certificate.
Do you mean a certificate needs to go on the device?
I have had a look at this:
http://cloudessa.com/tips-and-tricks/how-to-setup-eap-ttls-with-inner-pap-authentication-protocol-on-mac-os/
for example and it does not look like a certificate *needs* installing.
thanks for your suggestion.
(Apologies for my mailer dropping my real name from my previous post:
don't know why it did that).
More information about the Freeradius-Users
mailing list