[EMAIL PROTECTED] (Robert Spier) wrote:

> Is any work being done, or has any been done, for MSCHAP
> authentication on the server side?
> 
> (Or any other encrypted-transport/encrypted-storage mechanisms?)

MS-CHAP is *not* an encrypted-transport/encrypted-storage mechanism.

Yes, I know that MS-CHAP on the server side will store a hashed form
of what the user thinks of as their password, but that hashed thing is
all you need on the client side in order to authenticate itself to the
server.  In that sense the hashed thing is itself a cleartext
password.

The only advantage of storing the hashed thing comes because of the
bad (IMHO) decision to use the *same* password for authenticating a
user to a machine, and for authenticating that machine to another
machine.

Paul.
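
Added example (not part of the original message, and not pppd code): a minimal challenge-response model of the point made above, that the peer's response is computed from the stored hash and the challenge alone. SHA-256 and HMAC-SHA256 are stand-ins for the MD4 and DES steps of real MS-CHAP, and every name and sample value is hypothetical.

```python
# Added illustration, not pppd code. SHA-256 / HMAC-SHA256 are stand-ins
# for the MD4 and DES steps of real MS-CHAP; all names here are hypothetical.
import hashlib
import hmac
import os


def stored_hash(password: str) -> bytes:
    """What the server keeps in its secrets database (stand-in for the NT hash)."""
    return hashlib.sha256(password.encode("utf-16-le")).digest()


def response(pw_hash: bytes, challenge: bytes) -> bytes:
    """Peer's answer to a challenge. Note the input: the hash, never the password."""
    return hmac.new(pw_hash, challenge, hashlib.sha256).digest()


class Server:
    def __init__(self):
        self.db = {}  # username -> stored hash

    def enroll(self, user, password):
        self.db[user] = stored_hash(password)

    def new_challenge(self):
        return os.urandom(16)

    def verify(self, user, challenge, resp):
        pw_hash = self.db.get(user)
        if pw_hash is None:
            return False
        return hmac.compare_digest(response(pw_hash, challenge), resp)


def login(server, user, pw_hash):
    """Run one exchange. The peer side needs pw_hash and nothing else."""
    ch = server.new_challenge()
    return server.verify(user, ch, response(pw_hash, ch))


def demo():
    srv = Server()
    srv.enroll("alice", "constructed-sample-password")
    entry = srv.db["alice"]  # what a reader of the server's database sees
    return (login(srv, "alice", stored_hash("constructed-sample-password")),
            login(srv, "alice", stored_hash("wrong-guess")),
            login(srv, "alice", entry))  # database entry alone, no password
```

`demo()` returns `(True, False, True)`: the third login succeeds with only the database entry, which is why the server-side hash file needs the same protection as a cleartext secrets file.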
