Dariusz Dwornikowski wrote:
> as i understand, I get Digest of a triple:
> user:realm:password. This is MD5 hashed.
Then you don't have the passwords stored in MD5 hashed form. The MD5
hash includes *more* than just the password.
Please be specific in describing what you're doing. It matters a LOT.
> Radius gets it and takes the same from db and calculates it compares
> and says Access-Accept or Reject. There is no way in my mind to have
> my passwords not in cleat text in db. Am i correct?
You are almost always better off storing clear-text passwords in the DB.
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html