[EMAIL PROTECTED] wrote:
Store cleartext passwords and all eap types will work. Real problem is
the encrypted password not the eap type.
Ivan Kalik
Kalik Informatika ISP
Dana 11/1/2008, "Sergio Belkin" <[EMAIL PROTECTED]> piše:
2008/1/10, Ivan Kalik <[EMAIL PROTECTED]>:
...
rlm_ldap: Added password
{SSHA}F8XliBuxscoShNf0k7RxlC7niB7ISswp in check items
...
rlm_eap_md5: User-Password is required for EAP-MD5 authentication
...
You can't use encrypted passwords with EAP-MD5.
http://deployingradius.com/documents/protocols/compatibility.html
Ivan Kalik
Kalik Informatika ISP
Thanks Ivan! So what default eap type should I use in mixed
environment (I mean: Linux and Windows Clientes)?
EAP-TTLS with PAP inner encryption.
Though you'd need to use SecureW2 or the Open SEA supplicant for the
windows side.
Otherwise you'd need NT-Hashes for MSChap based methods, or the password
stored in the clear.
TIA
--
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
