Ok, so from all the info I have gathered it is not possible to decrypt the MS-CHAP password into a clear text. Is there any method to authenticate wireless EAP clients to a kerberos server? As of right now, things are looking bleak, seeing how rlm_krb5 needs the plain-text password and MS-CHAP doesnt give that. Has anyone attempted authenticating wireless EAP (specifically LEAP and PEAP) clients to a kerberos?
Thanks, Chris -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan DeKok Sent: Monday, July 07, 2003 11:43 AM To: [EMAIL PROTECTED] Subject: Re: User-Password Attribute Chris Akens <[EMAIL PROTECTED]> wrote: > What I have been unable to figure out is how I pass the correct User-Pass > attribute from LEAP to rlm_krb5 and become authenticated. You can't. It's impossible. The clear-text password is never sent in a LEAP packet. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
