From owner-freebsd-questions Thu Oct 26 15:00:36 1995 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id PAA29444 for questions-outgoing; Thu, 26 Oct 1995 15:00:36 -0700 Received: from hemi.com (hemi.com [204.132.158.10]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id PAA29411 for ; Thu, 26 Oct 1995 15:00:03 -0700 Received: (from mbarkah@localhost) by hemi.com (8.6.11/8.6.9) id QAA12305; Thu, 26 Oct 1995 16:04:05 -0600 From: Ade Barkah Message-Id: <199510262204.QAA12305@hemi.com> Subject: Re: TACACS or RADIUS To: andrew@fish.net.au (Andrew Khoo) Date: Thu, 26 Oct 1995 16:04:05 -0600 (MDT) Cc: questions@freebsd.org In-Reply-To: <199510262346.XAA08804@fish.net.au> from "Andrew Khoo" at Oct 26, 95 11:46:48 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Content-Length: 911 Sender: owner-questions@freebsd.org Precedence: bulk > Anybody got any info on getting the above functioning on a FreeBSD box? > At the same time, is there any PPP daemon that will use the same password > file on a FreeBSD box for authentication? I have TACACS working here with FreeBSD 2.0.5. Basically the final way I made it work is to rip out the `alternate password file' option from the Cisco Tacacs source code, since there were some missing system calls (setpwfile()...). As long as using the "same password file" for doing PPP authorization, I'm not sure that is entirely possible since (in my understanding) protocols such as CHAP or PAP require plain text passwords instead of the DES/MD5 crypted passwords stored in the server. -Ade Barkah -------------------------------------------------------------------- Inet: mbarkah@hemi.com - HEMISPHERE ONLINE - www: --------------------------------------------------------------------