> Thanks for everyone's help. I don't want users passwords stored in > clear text in the directory, so I've set the password-hash back to SSHA. > Even when it was stored in cleartext, the passwords were base64 encoded > and freeradius wasn't seeing that as a match.
Passwords are not *stored* base64-encoded; they're just presented base64-encoded. They're stored with their actual value. The reason for back64-encode them when presented is that octet-strings could be non-printable. p.
