Date: Wed, 17 Sep 2003 15:28:18 +1200 From: Andrew Thompson <andy@fud.org.nz> To: Martin Jessa <freebsd@yazzy.org> Cc: freebsd-isp@freebsd.org Subject: Re: FreeRadius and md5 hashed passwords Message-ID: <03Sep17.032612nzst.336011@homer.fire.org.nz> In-Reply-To: <20030917045828.4c7f7ec9.freebsd@yazzy.org> References: <20030917030343.52426383.freebsd@yazzy.org> <20030917022435.GA14843@laptop.lambertfam.org> <20030917045828.4c7f7ec9.freebsd@yazzy.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Martin Jessa wrote:
> Hi Scott, guys.
>
> I am stucked. I made some changes in the config file and added Auth-Type to the radgroupcheck table (which was previously empty) and now I cannot authenticate at all.
> Seems like the problem is somewhere else.
>
> My radiusd.conf:
>
> modules {
> mschap {
> authtype = MD5
> use_mppe = yes
> require_encryption = yes
> require_strong = yes
> encryption_scheme = md5
> }
>
>
My understanding was that chap required the password on the sever to be
in plain text, so MD5 could not be used. The response from the client
is encrypted with the password, so if its also encrypted locally, it
cant be checked.
You may need to use pap.
Andy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?03Sep17.032612nzst.336011>