On Tue, 2 Mar 2004, Dave Whitehouse wrote: > Hello, > > I'm new to this list and I've searched through the achieve for something that > answers my problem but as yet I can't find anything so if this has been asked > before please forgive me. > > Anyway to the point I am using freeradius ver 0.9.3 and I have an LDAP server > running and authenticating Unix User logins. > The user passwords are stored encrypted using crypt() on the LDAP server. > > I want to authenticate Router tty session logins with the same > username/password through RADIUS and have tries and failed miserably. I can > see the passwords from the router are in clear text and do not know how to > hash these passwords so that I can authenticate the user against the LDAP > server. I don't want to include any clear text passwords in the LDAP if at all > possible.
You add the ldap module in the authenticate section, so that it will perform authentication by an ldap bind operation. That way you don't need to worry about encryption, the ldap module will just bind with the user DN/<password provided in the radius access-request> and the ldap server will handle the password comparison. > > Is this possible and if so can anyone point me in the right direction please, > I am pulling my hair out ! > > Thanks and best regards > > D Whitehouse. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
