I'd like to implement pam_radius module on some of our Linux boxes but I am worried about password (pam_radius can only do PAP) being captured and misused since the radius server is at central office and clients are all over the place.
I read (http://www.cisco.com/warp/public/480/10.html#comp_packet_encry) that radius encrypts passwords using the secret key between radius server and client, is this true with FR? I suppose I can build some stun or openvpn tunnels between linux clients and FR but before I go down that road, I'd like to know if its necessary. ____________________________________________________________________________________ Don't get soaked. Take a quick peak at the forecast with the Yahoo! Search weather shortcut. http://tools.search.yahoo.com/shortcuts/#loc_weather - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
