Dear Sir. I Appreciate your response.
So, one way or theother ... with 'CHAP' there will always a 'clear text password' stored some where. I'm prettysure we can close this discussion. I really appreciate your responses. Sincerely -bino- On Saturday, October 27, 2018 at 10:55:44 PM UTC+7, Federico Capoano wrote: > > I correct myself, if I'm not wrong CHAP needs the password to be stored in > clear. > The only way you can do that is to use radius checks, you can store the > clear password there. > > Users which have a corresponding django user will always have their > password hashed, it's one of the goal of django-freeradius to avoid storing > password in clear. > > Fed > > > > > > I'm not sure how to implement that with the rml-rest module. >> >> There may be a way, if you find it please let me know, if we have a clear >> path on what we need to do to implement that we can open an issue on github >> and I think sooner or later we will find somebody else with the same need >> which may want to help implementing it. >> >> Fed >> >> >> On Saturday, October 27, 2018 at 5:18:29 PM UTC+2, Bino Oetomo wrote: >>> >>> >>> >>> On Thursday, October 25, 2018 at 7:52:04 PM UTC+7, Federico Capoano >>> wrote: >>>> >>>> Passwords get to freeradius in clear over TLS (these are also encrypted >>>> with the shared secret of freeradius BTW) >>>> >>>> >>>> I mean, if our Authenticator (i.e PPP gateway, Captive Portal, etc etc) >>> use a CHAP password, FreeRadius will not send ''User-Password' as part of >>> it's rlm_rest call to our rest-server. It'll send CHAP..... That is I don't >>> know how to compare this to user's django password. >>> >>> Sincerely >>> -bino- >>> >> -- You received this message because you are subscribed to the Google Groups "OpenWISP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
