From owner-freebsd-isp Tue Jul 1 00:10:46 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id AAA14888 for isp-outgoing; Tue, 1 Jul 1997 00:10:46 -0700 (PDT) Received: from gras-varg.worldgate.com (skafte@gras-varg.worldgate.com [198.161.84.12]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id AAA14882 for ; Tue, 1 Jul 1997 00:10:40 -0700 (PDT) Received: (from skafte@localhost) by gras-varg.worldgate.com (8.8.5/8.6.12) id BAA09875; Tue, 1 Jul 1997 01:18:28 -0600 (MDT) From: Greg Skafte Message-Id: <199707010718.BAA09875@gras-varg.worldgate.com> Subject: Re: system passwd to RADIUS To: rewt@i-Plus.net (Troy Settle) Date: Tue, 1 Jul 1997 01:18:27 -0600 (MDT) Cc: tomthai@future.net, chris@absinthe.i3inc.com, freebsd-isp@FreeBSD.ORG, linuxisp@friendly.jeffnet.org In-Reply-To: <199706270745.DAA27185@radford.i-plus.net> from Troy Settle at "Jun 28, 97 03:49:04 am" X-Mailer: ELM [version 2.4ME+ PL14 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-isp@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > From: Chris Shenton > >BTW: I hacked Ascend's RADIUS to treat the password entry listed in > >RADIUS users file as a crypted passwd. I think all I had to to was run > >what the RADIUS client sent to the server through crypt() then let it > >compare with what RADIUS parsed from the user file. You could get > >clever and evan modify it to use forms like > > > > Password = crypt."cx19azPss3v97" > > > >in addition to normal clear-text ones. I don't like cleartext > >passwords, so I didn't bother. The code was for Ascend's RADIUS so > >posting it here probably wouldn't help. Just look where it does the > >compare with what the client (comm server) sent with what's in the > >users file. > > I don't like cleartext passwords either, but have been forced to use them > by the PPP protocol :( > seems that MPP won't work without CHAP, and CHAP won't work with encrypted > passwords. > > Anyone know a way around this? instead of CHAP can you use PAP with a _one_way_ passwd ? .... For MPP connections (incoming anyway) PAP works fine with ascend radiusd .... > > Thanks, > > Troy Settle > Network Administrator, iPlus Internet Services > http://www.i-Plus.net > > PS: is the linuxisp list back up? or is that just wishful thinking? > > -- Email: skafte@worldgate.com Voice: +403 413 1910 Fax: +403 421 4929 #575 Sun Life Place * 10123 99 Street * Edmonton, AB * Canada * T5J 3H1 -- -- PGP 2.6.2 Key fingerprint = 42 9C 2C A8 4D 2B C9 C4 7D B6 00 B0 50 47 20 97 http://gras-varg.worldgate.com/~skafte/ http://www.worldgate.com/ -- -- When things can't get any worse, they simplify themselves by getting a whole lot worse then complicated. A complete and utter disaster is the simplest thing in the world; it's preventing one that's complex. (Janet Morris)