Advice on RADIUS security and MD5 encryption?

Ole Holm Nielsen Ole.H.Nielsen at fysik.dtu.dk
Thu Feb 24 09:39:50 UTC 2022


We're using the pam_radius module for SSH login authentication on a CentOS 
7 server.  Our university's RADIUS server is a Microsoft Windows server. 
This seems to work well.

Some of my colleagues are wary about using RADIUS for authentication 
because the network traffic is encrypted with the obsolete MD5 algorithm. 
I would like to understand if this is a relevant objection or not for the 
present case.  The Wikipedia article https://en.wikipedia.org/wiki/RADIUS 
does raise some security concerns.

Question: When the user's password hash is transmitted across the network, 
how secure is the password from decryption by eavesdroppers?  Are there 
any good articles on RADIUS security?

Thanks for sharing any insights.

Ole

-- 
Ole Holm Nielsen
PhD, Senior HPC Officer
Department of Physics, Technical University of Denmark

