No - your user database needs to store passwords in plaintext or NTLM.
You basically have two options: use a TTLS supplicant instead (such as
wpa_supplicant or SecureW2), or change your user database.
best regards, josh.
James Taylor wrote:
Am I able to use PEAP to auth to UNIX or PAM instead of mscahpv2? Do I do
this in the EAP.CONF file? What we are basically trying to do is use
FreeRadius to authenticate against our current user database on our linux
server while still maintaining the PEAP-TLS security with wireless. Is that
even possible?
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Josh
Howlett
Sent: Thursday, October 13, 2005 2:25 PM
To: FreeRadius users mailing list
Subject: Re: FreeRadius/PEAP
James,
MSChapv2 needs plaintext or NTLM credentials. You won't be able to do
what you're trying. It works with users file because you specify the
plaintext.
josh.
James Taylor wrote:
Hi,
I am trying to secure my wireless connections using PEAP-TLS MSChapv2 to
authenticate users against my Linux /etc/shadow; /etc/password/; and
/etc/group files. I would like to use PAM but UNIX will work too. I do
not want to use the USERS file as it stores passwords in clear text and
that is what we are trying to avoid.
All my tests conclude that this functionality will not work. I am able
to Auth just fine using the USERS file with a username and password.
Any info or direction would be greatly appreciated.
Thank you
James
------------------------------------------------------------------------
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
