If you use a 3rd party supplicant, you should be able to do EAP-TTLS/PAP and have the PAP authentication use the users file. You will be transmitting the password in the clear but it will be transmitted through an encrypted tunnel between your PC and the RADIUS server so, in effect, it's encrypted.
The MS 802.1x supplicant only supports EAP-TLS and PEAP-MSCHAPv2. You could use something like SecureW2 (a plugin to the MS supplicant that supports EAP-TTLS), Funk Odyssey or Meetinghouse Aegis. I'm sure there are others but those are the three that I know support EAP-TTLS/PAP. Rgds, Guy > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Tim Cross > Sent: 23 March 2005 17:19 > To: [email protected] > Subject: Re: WinXP SP1/wireless/FreeRADIUS > > > So putting users in the "users" file will allow me to > authenticate wireless > XP clients using only a password (no certificates)? I realize it is > unsecure... > > >From: "Alan DeKok" <[EMAIL PROTECTED]> > >Reply-To: [email protected] > >To: [email protected] > >Subject: Re: WinXP SP1/wireless/FreeRADIUS Date: Wed, 23 Mar 2005 > >12:12:59 > >-0500 > > > >"Tim Cross" <[EMAIL PROTECTED]> wrote: > > > All I need is for WinXP to authenticate against > freeradius using my > >Linux > > > server's passwd file that way I can consolidate passwords. > > > > It's impossible. The security design of the protocols involved > >makes it impossible. > > > > You will need clear-text or NT-hashed passwords on FreeRADIUS to > >authenticate XP. > > > > Alan DeKok. > > > > > >- > >List info/subscribe/unsubscribe? See > >http://www.freeradius.org/list/users.html > > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > This e-mail is private and may be confidential and is for the intended recipient only. If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed. If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it. We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free. You should undertake your own virus checking. The right to monitor e-mail communications through our network is reserved by us. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
