Work with clear password , but not with MD5 ( but both work with radtest)

Alan Buxey alan.buxey at
Thu Oct 14 13:04:03 CEST 2021


radtest is sending plain text that can then be MD5'd and compared to
the stored value.

Wireless clients are using MSCHAPv2 - so the challenge response stuff
cannot be done with an MD5 encrypted password because the plain isnt
sent to be compared.  if you are worrying about the storage of
credentials then maybe NTHash the password , or implement a local
SAMBA environment with accounts?


More information about the Freeradius-Users mailing list