AES encrypted passwords
Adam Bishop
Adam.Bishop at jisc.ac.uk
Fri Sep 30 12:20:05 CEST 2016
On 30 Sep 2016, at 11:09, Dom Latter <freeradius-users at latter.org> wrote:
> I have had a look at this:
> http://cloudessa.com/tips-and-tricks/how-to-setup-eap-ttls-with-inner-pap-authentication-protocol-on-mac-os/
> for example and it does not look like a certificate *needs* installing.
Well if you're not provisioning the root CA why are you concerned about database encryption?
An attacker can just harvest the credentials out of the air as they fly past.
Regards,
Adam Bishop
gpg: E75B 1F92 6407 DFDF 9F1C BF10 C993 2504 6609 D460
jisc.ac.uk
Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.
More information about the Freeradius-Users
mailing list