Dariusz Dwornikowski wrote:
> as i understand, I get Digest of a triple:
> user:realm:password. This is MD5 hashed.

  Then you don't have the passwords stored in MD5 hashed form.  The MD5
hash includes *more* than just the password.

  Please be specific in describing what you're doing.  It matters a LOT.

> Radius gets it and takes the same from db and calculates it compares  
> and says Access-Accept or Reject. There is no way in my mind to have  
> my passwords not in cleat text in db. Am i correct?

  You are almost always better off storing clear-text passwords in the DB.

  Alan DeKok.
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to