Evan Vittitow wrote: > When using OpenLDAP, is there a way to make CHAP work without storing > passwords as clear text/
OpenLDAP has nothing to do with it. Crypt is one-way by its very nature. Since CHAP crypts it on the wire, the password that RADIUS (or any service) checks against must be in clear text because it cannot decrypt the password that it was sent. See this for further details: http://deployingradius.com/documents/protocols/compatibility.html In short, the answer is: no, secure your database. -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
