Thanks Chris. Anyone wanna build a module/engine to handle this?<G> It would only take a few man years..
Just kidding, no reply necessary. Rick On Tue, 14 May 2002, Chris Parker wrote: > At 07:40 PM 5/14/2002 +0100, Rick M wrote: > >Hi, > > > >Currently we use PAP to validate on our network. In the past, radius was > >unable to do CHAP via unix password file and I am not so sure freeradius > >can do it now. > > No. It's not a limitation of the radius server, it's a limitation of > how CHAP works. CHAP requires the radius server ( whether freeradius, > lucent radius, funk software, etc. ) to have access to the *plaintext* > password. By definition the system password file on unix contains a > one-way encrypted version of the password ( IE, you cannot extract the > plaintext password from the encrypted version ). > > >It appears if you do it the old way set the user up in the users file and > >use auth-type of local it will do CHAP. I need it to work with the > >password file. > > > >If there is a way to use the unix password file, I'd like to know what it > >is. <G> Examples are always welcome. > > Sorry, it's just not possible with *any* radius server. > > -Chris > -- > \\\|||/// \ StarNet Inc. \ Chris Parker > \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering > | @ @ | \ http://www.starnetwx.net \ (847) 963-0116 > oOo---(_)---oOo--\------------------------------------------------------ > \ Wholesale Internet Services - http://www.megapop.net > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
