pam_radius_auth.so authentication algorithm
o.bounaim at gmail.com
Fri Oct 20 17:20:24 CEST 2017
Thanks Alan :)
I have done a tcpdump capture and the username is sent in clear with what
it seems to be a simple MD5 hash of the password.
What do you mean by "NPS is lying to you". Is it completely safe to use the
Thanks in advance
On Fri, Oct 20, 2017 at 4:45 PM, Alan DeKok <aland at deployingradius.com>
> On Oct 20, 2017, at 10:42 AM, Oussama BOUNAIM <o.bounaim at gmail.com> wrote:
> > The authentication works, however, the NPS (Radius Server) is complaining
> > about the authentication method used by pam_radius_auth.so. It says that
> > the client is using PAP insecure PAP protocol.
> That's a stupid complaint.
> > I didn't find any parameter on the module documentation
> > <https://github.com/FreeRADIUS/pam_radius> to change this behavior.
> > Does pam_radius_auth.so support other secure protocol like CHAP ?
> CHAP isn't more secure, unfortunately. And neither is MS-CHAP.
> Ignore the message, NPS is lying to you.
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
More information about the Freeradius-Users