I was afraid you'd say that. What would you suggest as a workaround for this problem? Could I do EAP-TTLS using the securew2 client instead? Or am I better off creating a 2nd password attribute on the LDAP directory that is maybe encoded as an NT-Password attribute or something like that.
Thanks Matt Ashfield Network Analyst Integrated Technology Services University of New Brunswick (506) 447-3033 [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: July 17, 2006 4:00 PM To: [EMAIL PROTECTED]; FreeRadius users mailing list Subject: Re: 802.1x with mschap-radius-ldap with ssha-1 passwords "Matt Ashfield" <[EMAIL PROTECTED]> wrote: > I'm trying to do 802.1x authentication using freeradius against an LDAP > directory which stores the userPassword in an ssha-1 hash. My question is, > is this possible? If so, how do I configure mschap for ssha-1 passwords? You don't. It's impossible. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
