preem wrote:
> I have a simillar problem with EAP-MD5 authenticating against MySQL
> DataBase.
>
> Whatever i do, it won't accept password, which is stored in the MySQL db
> using MD5('') function. However, if i send a password's hash as password it
> accepts it, which indicates something is not hashing password before
> comparing to the hash in the db.
EAP-MD5 requires access to the clear-text password. MD5 hashed
passwords are not appropriate.
http://deployingradius.com/documents/protocols/compatibility.html
> I do not understand, should the Windows XP's supplicant encrypt password
> prior to sending, or does it send it in cleartext and the radius encrypts
> before comparing?
There is no encryption of the password. It is hashed. The details
aren't important. Read the above web page for compatibility issues.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
