MS-CHAPv2 in FreeRADIUS

Grit Wehner grit.wehner at gmx.net
Sun Jul 29 10:11:19 CEST 2018


   Hi all,

   first of all sorry for my horrible english.

   My Question is as follows:

   With MS-CHAPv2 the client sends a peer-challenge, a nt-response and
   username to the server.
   Then the server calculates a challenge with help from the
   peer-challenge and the username
   of the client. I hope my understanding is correct so far.

   But what is the next step?

   Does FreeRADIUS decrypt the "client-nt-response" (encrypted challenge)
   and compares the result
   with its own calculated challenge? Or does it calculate its own
   "server-nt-response" and compares
   this to the received "client-nt-response"?

   I have found both possibilities in some documentations. I can not read
   source-code of programs
   (rlm_mschap) and RFCs are something for Developers only i think.

   Can someone help me please?

   Thank you very much.
   Greta


More information about the Freeradius-Users mailing list