Advice on RADIUS security and MD5 encryption?
Ole Holm Nielsen
Ole.H.Nielsen at fysik.dtu.dk
Thu Feb 24 09:39:50 UTC 2022
We're using the pam_radius module for SSH login authentication on a CentOS
7 server. Our university's RADIUS server is a Microsoft Windows server.
This seems to work well.
Some of my colleagues are wary about using RADIUS for authentication
because the network traffic is encrypted with the obsolete MD5 algorithm.
I would like to understand if this is a relevant objection or not for the
present case. The Wikipedia article https://en.wikipedia.org/wiki/RADIUS
does raise some security concerns.
Question: When the user's password hash is transmitted across the network,
how secure is the password from decryption by eavesdroppers? Are there
any good articles on RADIUS security?
Thanks for sharing any insights.
Ole
--
Ole Holm Nielsen
PhD, Senior HPC Officer
Department of Physics, Technical University of Denmark
More information about the Freeradius-Users
mailing list