On 28 November 2012 19:54, Brian Julin <bju...@clarku.edu> wrote:
> WPA2-Enterprise with PEAP authentication is automatically recognized
> by most new clients these days. The clients will prompt for a username
> and a password. If you generate an ntcrypt (by shelling out of FR to
> a utility to do so) for an inbound username/password on the RADIUS side
> from a known cleartext password on the fly, you can arrange things such
> that that password is accepted for any username.
Hi Brian,
Slightly tangential to the original question. But if you want to
implement as per this suggestion, why do you need the external ntcrypt
script. All that functionality is built in, just do this:
server INNER-eap {
authorize {
...
update control {
Cleartext-Password := 'thePassword'
MS-CHAP-Use-NTLM-Auth := 0
}
...
}
...
}
Kind regards,
James
--
James J J Hooper
Senior Network Specialist, University of Bristol
http://www.wireless.bristol.ac.uk
--
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
