Ms-Chap + NT-Password

[Anton Kiryushkin]

Hi, Herwin.

Yes, I’ve tried your suggestion as well, and it doesn't work.

On Mon, 31 Dec 2018 at 15:32, Herwin Weststrate <herwin at quarantainenet.nl>
wrote:

> On 31-12-18 16:22, Anton Kiryushkin wrote:
> > In other words, how can I make a different way to authorisation users by
> > per controllers?
> > I found the option virtual_server, but when I read a log I saw that
> client
> > goes through a dedicated site with an md5-hashed password and after comes
> > back to default site.
> > What is this hash:
> >  MD5-Password := 0x6c375752517179667431416e4c4f6462714d365679413d3d
> > I saved in my database other hashed via next script:
> >
> > #! /usr/bin/perl -w
> > use strict;
> > use Digest::MD5;
> > use MIME::Base64;
> > unless($ARGV[0]){
> >  print "Please supply a password to create a MD5 hash from.\n";
> >  exit;
> > }
> > my $ctx = Digest::MD5->new;
> > $ctx->add($ARGV[0]);
> > print encode_base64($ctx->digest,'')."\n";
>
> That doesn't result in a MD5 hash, but in a base64-encoded MD5 hash. You
> can replace the last line with:
>
>   print $ctx->hexdigest."\n";
>
> (Or just use something like `echo -n "secret" | md5sum` in bash)
>
> > And passwords hashed in that way are working with VPN-site.
>
> Theoretically, FreeRADIUS will be able to use it as well, after
> performing a number of operations on it. It's probably easier to check
> if the VPN-thingy supports the output of hexdigest as well.
>
> --
> Herwin Weststrate
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

-- 
Best regards,
Anton Kiryushkin