Freeradius support for password compatibility
Alan DeKok
aland at deployingradius.com
Thu Feb 9 14:18:06 UTC 2023
On Feb 9, 2023, at 8:02 AM, florentvercourt at gmail.com wrote:
> I use EAP-TTLS/PAP to authenticate my users, and I would like to know if
> freeradius is able to apply a hash to the cleartext password transmitted
> within PAP module, when passwords are stored with an SHA256 or SHA512
> encryption in an LDAP; or do I have to use "ldap bind as users" instead of
> the PAP module to authenticate my users.
Read "man rlm_pap". It can handle all of the common password formats
The LDAP module will read the password from the database, and the PAP module will authenticate the user.
All you need to do is configure the LDAP module, enable it, and send the server an Access-Request. It will work.
Alan DeKok.
More information about the Freeradius-Users
mailing list