RFC 8146 support in FreeRADIUS

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Oct 4 22:33:59 CEST 2019

> On 4 Oct 2019, at 07:17, Alan DeKok <aland at deployingradius.com> wrote:
> On Oct 4, 2019, at 7:08 AM, Alberto Martínez Setién via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>> I have got to work EAP-PWD with FreeRADIUS, which is nice, but I have not
>> been able to make it work with hashed passwords (Password-With-Header
>> variable).
>> I found RFC 8146, which defines new password preprocessing techniques, that
>> would make EAP-PWD usable without having to store the password in cleartext
>> or symmetric-encrypted.
>> ¿Is there any plan to implement the RFC?
>  We have a long list of things we're working on.  The priorities depend on usefulness, ease of implementation, and how complex it is to do.
>  But as always, this is an Open Source project.  If everyone sits around and does nothing, it goes nowhere.
>  If someone sends a patch, it's much more likely to get integrated.  Or, if people *contribute*, it lowers the dev teams workload, and makes it more likely that a new feature can make it in.

Or if you can confirm this is supported already in wpa_supplicant, then we'd be much more likely to add support.


Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

More information about the Freeradius-Users mailing list