Phillip Smith wrote: > My problem: > I'm strongly against storing passwords in clear text so I want the > passwords in PostgreSQL to be MD5 or SHA1 hashed.
Probably salted. > Everything I've read through Google seems to be indicating that for > any form of encryption to work between the client and server, that the > database has to use clear text passwords. No. http://deployingradius.com/documents/protocols/compatibility.html > I have successfully got the FreeRADIUS + PostgreSQL combination > working with clear text, but I can not make the move to hashed > passwords. > > 1) It what I am trying to do possible? Yes. > 2) If so, is it possible without any significant drawbacks? It limits your ability to use different authentication protocols. > 3) Any pointers in the right direction to how to achieve what I am after? See "man rlm_pap". You can use the "auto-header" thing, or just use MD5-Password directly: # "users" file entry: bob MD5-Password := 0x12345... # Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
