Am 09.06.2008 um 17:58 schrieb [EMAIL PROTECTED]:


I understand that radius authenticating ppp (PPTP in this case) connections against shadow passwords requires cleartext authentication (PAP).

Does PAM allow you to work around this? From reading what I can find on PAM, it would seem that FreeRADIUS would pass off the authentication request to PAM and PAM could then take care of the crypt/decrypt, thus allowing CHAP or MSCHAP client authentication against shadow passwords.

PAM cannot do anything more.

The problem is that shadow passwords are hashed in one way, MS-CHAP hashes another way. So the hashes are incompatibles and you cannot decode hashes; that is why there are made for. (There is no "decrypt" for this reason.)

One possible way is to check again Samba passwords if it is something possible for you to have.



Is this correct?

No. sorry.


TIA,

Have a nice day!


James Smallacombe                     PlantageNet, Inc. CEO and Janitor
[EMAIL PROTECTED]                                                           
http://3.am
====================================================================== ===
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html

Nicolas Goutte


extragroup GmbH - Karlsruhe
Waldstr. 49
76133 Karlsruhe
Germany

Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle
Registergericht: Amtsgericht Münster / HRB: 5624
Steuer Nr.: 337/5903/0421 / UstID: DE 204607841




-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to