I agree, Alan. this is no difference when somebody have FULL access to files. I just want to hide password from casual observer who can see for a moment this file. It's like qualcomm popper saves passwords in gdb-file. passwords are just xor'ed there.
>> MS-CHAP an similar auth-methods require to know users plain passwords. >> i want to keep passwords in file and load it by rlm_passwd. All works >> good. but for more security i think keep it crypted. > Don't bother. It doesn't make any difference. > How are you going to decrypt the passwords? The key is going to > have to go somewhere, and having a key plus encrypted passwords is no > different than having plain-text passwords. It's no matter - RC4 or elementary XOR. Even 'QWxhbg' (base64 without '=' padding) looks less readable then 'Alan' ;) Now i know how to load crypted password - i need use other attribute for this. After decryption perl have to add User-Password attribute to Check-Items. It works. Thank you. Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
