> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alan > DeKok > Sent: Thursday, July 07, 2005 12:36 PM > To: [EMAIL PROTECTED]; FreeRadius users mailing list > Subject: Re: Silly question - secure Radius? > > > "Shawn Kennedy" <[EMAIL PROTECTED]> wrote: > > I am just getting started with setting up > > Radius, and with the reading I've done (mostly > > with the O'Reilly book), it seems that Radius > > in itself is insecure. Sure, you can use a > > Shared Secret and the password is sent with a > > MD5 hash, but is there anything better? > > "radsec", which Radiator just came out with. > > I've taken a quick look at it, but I don't think it will be easy to > implement inside of the current server. Adding it via an external > program should be relatively trivial, though.
Hi Alan, Thanks for the heads up. Wasn't aware of such a thing. I briefly looked at CHAP, but abandoned it for the obvious reasons. Looking into EAP-TLS, but don't have a PKI infrastructure set up yet. Just as a side question, is this sort of thing on FreeRadius's radar screen? Thanks again, Shawn - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
