liran tal wrote: > also mentions that rlm_pap, if put last in the authorize section will > try to decrypt the password.
There is no decrypt. The server will crypt the plain text password that comes in the request and compare that to the stored crypted password. That is why only PAP will work since other protocols do not send the password in cleartext in the request. This is why it is recommended that the cleartext password be stored in the DB since then all protocols will work. -- Dennis Skinner Systems Administrator BlueFrog Internet http://www.bluefrog.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
