Proxy-tester nagios check for Freeradius
Fekete Tamás
fektom at gmail.com
Wed Feb 6 09:31:29 CET 2019
Thank you!
It solved all my further questions.
Alan DeKok <aland at deployingradius.com> ezt írta (időpont: 2019. febr. 5.,
K, 14:01):
> On Feb 5, 2019, at 5:58 AM, Fekete Tamás <fektom at gmail.com> wrote:
> >
> > I would like to make a proxy-tester Nagios check for Freeradius and would
> > like to ask some help for debugging as I experience some problem with
> using
> > eapol_test.
> >
> > The design is that a user wants to authenticate at realm "A" with
> > credentials stored at realm "B".
> > The infrastructure already set up for proxying based on the realm names
> and
> > the Access-Requests are do forwarded.
>
> OK...
>
> > I tried this proxy scenario with radtest. And with radtest it works.
> >
> > However, I have some questions regarding this developer work.
> > Maybe you can help me.
> >
> > The first is: is it true, that radtest doesn't encrypt it's messages so
> > proxy requests will contain the password in a recoverable manner?
>
> The User-Password attribute is protected "on the wire". The passwords
> are recoverable, because the home server has to check them.
>
> See RFC 2865 Section 5.2 for more information.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list