Use of SHA1 with RADIUS server

Alan DeKok aland at
Wed Jan 25 15:20:02 CET 2017

On Jan 24, 2017, at 11:23 PM, Logeswari Viswanath <logi85 at> wrote:
> What i meant was "Does freeradius use SHA1 for hashing the challenge and
> generating authenticator response in case of MSCHAP2 authentication?"

  The MS-CHAP specifications are public, and can be read by anyone. 

  There's no need to ask a question here and wait days for an answer.  You can find the answer with about 5 minutes of searching the net.

> If
> yes, is there a plan to replace it with SHA2 due to SHA1 deprecation? Will
> the RFC 2759 be updated for the same?

  MS-CHAP uses MD4, not SHA1.  If you had read RFC 2759, you would see that.

  Also, if you had read RFC 2759, you would know the procedures for updating RFCs.  Which is controlled by the IETF, not by FreeRADIUS.

  Alan DeKok.

More information about the Freeradius-Users mailing list