From owner-freebsd-isp Thu Jun 26 00:29:41 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id AAA08522 for isp-outgoing; Thu, 26 Jun 1997 00:29:41 -0700 (PDT) Received: from mailbox.hogia.net (mailbox.hogia.net [195.100.64.5]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id AAA08516 for ; Thu, 26 Jun 1997 00:29:38 -0700 (PDT) Received: from enterprise.hogia.net (sa@enterprise.hogia.net [195.100.64.3]) by mailbox.hogia.net (8.8.5/8.6.9) with SMTP id JAA08469; Thu, 26 Jun 1997 09:29:18 +0200 Date: Thu, 26 Jun 1997 09:29:29 +0200 (MET DST) From: Sebastian Andersson To: "Tom T. Thai" cc: freebsd-isp@FreeBSD.ORG, linuxisp@friendly.jeffnet.org Subject: Re: system passwd to RADIUS In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk -----BEGIN PGP SIGNED MESSAGE----- On Wed, 25 Jun 1997, Tom T. Thai wrote: > Any one know how to convert a unix password file to RADIUS? I think doing > a few thousand by had is very tedious :< Also, anyway to decrypt the > password with SU access? Some radius servers can use the encrypted password file by specifying UNIX as the password. This prevents the users from using CHAP though. You could start with this and as users change their passwords you store the new password in the radius database. Unless you use some UNIX without encryption (as my old NetBSD system on my amiga500 ;-) it is very hard to recover the password from the passwd file since it uses a one way hashing algorithm. The crack program can be used to try to find passwords but it will only find bad passwords in a reasonable time. If your users use POP, ftp or telnet to your computer you can patch those servers to store the username and password to a file or run a sniffer to capture the info. /Sebastian See http://www.hogia.net/keys/sa-pgp.asc for public pgp key. -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBM7IaW8Vx5kJf+XX1AQF06wP8DFOc3jdTNQxFbgjMJVv7DfjiQ7e+4WLJ PBjf+lgz5dQS+cRy4z/gVqZuozx9sP7SuvzBbKuSFtnusxxb29xgPlITzb6TluxU /6eMzR4aUr07CjBvDYGb1dDrGqowT+fit4O140AzitaFpTyf9OT190r/RJvo/f3h HZKvLHxRgq4= =FZev -----END PGP SIGNATURE-----