AES encrypted passwords

Dom Latter freeradius-users at
Fri Sep 30 12:09:34 CEST 2016

On 29/09/16 17:57, Bogdan Rudas via Freeradius-Users wrote:
> Hello Dom,
> Why don't you go with EAP-TTLS+PAP ? Plain-text password transferred over
> TLS-secured channel let you use any hashing algorithm you want in your

As far as I can work out, out-of-the-box support for this protocol only
arrived for most things in about 2010.  We'll have quite a lot of users
still using machines older than that.  I suspect that for commercial
reasons, it's not an option.  I can ask.

 > database. Sure, you have to pay attention for proper device
 > configuration with your CA certificate.

Do you mean a certificate needs to go on the device?

I have had a look at this:
for example and it does not look like a certificate *needs* installing.

thanks for your suggestion.

(Apologies for my mailer dropping my real name from my previous post:
  don't know why it did that).

More information about the Freeradius-Users mailing list