authenticate against SHA2 hash in EAP-MSCHAPv2
Fajar A. Nugraha
list at fajar.net
Thu Mar 1 10:52:49 CET 2018
On Thu, Mar 1, 2018 at 3:32 PM, Volodymyr Litovka <doka.ua at gmx.com> wrote:
> Hi again, colleagues,
>
> please correct me, if I'm wrong.
>
> When using mschapv2, user sends his password in cleartext and FreeRadius
> compares it to one stored in, e.g., "users":
As Stefan wrote, that is not the case with mschapv2. radius server
never recieve cleartext password from clients in this case.
You can get cleartext password from clients if they use pap,
eap-ttls-pap, or peap-gtc.
--
Fajar
More information about the Freeradius-Users
mailing list