primoz wrote:
> And PAP is not a very safe and smart way to go as I read it.

  PAP is fine for RADIUS.

> So, crypted passwords are useful only in web applications?

  That's not at all what I said.  I specifically mentioned Unix logins.
 Crypt'd passwords are useful only for PAP.  There are many, many kinds
of systems using clear-text passwords (i.e. PAP) for authentication.

> I read a lot
> lately about how one should never store passwords in clear text, I
> guess that applies only to web apps.

  No.  It's written by people who either don't understand security, OR
aren't using EAP methods.  Again, if all you're doing is PAP, then
crypt'd passwords are OK.  If you need EAP, you also need clear-text
passwords.

  Stop trying to apply comments from web application "how-to's" to
RADIUS.  They're not the same, and the security analysis is not the same.

>       It is safe, sane, and common practice to store passwords in clear
>     text.
>
> I do not have much experience with this, in fact it's my first project on
> the matter.

  Then why are you questioning the answers you get here?

  Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
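
The distinction drawn in the message above, as an added example that is not part of the original post and not FreeRADIUS code: with PAP the server receives the password and can re-hash it against a stored one-way hash, while a challenge-response method (CHAP / EAP-MD5, RFC 1994) needs the clear-text secret on the server to compute the expected response. Assumptions: PBKDF2 stands in for crypt(3), and the password, salt, identifier and challenge are constructed sample values.

```python
import hashlib
import hmac

def one_way(password: bytes, salt: bytes) -> bytes:
    # Assumption: PBKDF2 as a stand-in for crypt(3); any salted one-way hash
    # behaves the same way for this comparison.
    return hashlib.pbkdf2_hmac("sha256", password, salt, 10_000)

def pap_verify(received_password: bytes, salt: bytes, stored_hash: bytes) -> bool:
    # PAP: the server ends up holding the password the user typed, so it can
    # hash it and compare with what is stored. Clear text is not needed at rest.
    return hmac.compare_digest(one_way(received_password, salt), stored_hash)

def challenge_response(ident: int, secret: bytes, challenge: bytes) -> bytes:
    # CHAP / EAP-MD5 (RFC 1994): MD5(identifier || secret || challenge).
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def challenge_verify(ident: int, challenge: bytes, response: bytes,
                     server_secret: bytes) -> bool:
    # The server must recompute the response from its own copy of the secret.
    expected = challenge_response(ident, server_secret, challenge)
    return hmac.compare_digest(expected, response)

def demo() -> dict:
    password = b"constructed-sample-password"   # constructed sample value
    salt = b"constructed-salt"                  # constructed sample value
    stored_hash = one_way(password, salt)       # what a crypt'd user store holds
    ident, challenge = 7, bytes(range(16))      # constructed challenge
    client_resp = challenge_response(ident, password, challenge)
    return {
        # PAP works when only the hash is stored.
        "pap_hash_store": pap_verify(password, salt, stored_hash),
        "pap_wrong_password": pap_verify(b"wrong", salt, stored_hash),
        # Challenge-response works when the server has the clear text ...
        "chal_cleartext_store": challenge_verify(ident, challenge, client_resp, password),
        # ... and fails for a valid user when the server only has the hash.
        "chal_hash_store": challenge_verify(ident, challenge, client_resp, stored_hash),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```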