Ryan Lininger wrote: > I could use some help understanding the password storage situation as it > relates to LDAP, radius, and 802.1x. Currently we store hashes of > passwords in an LDAP database that is used for user authentication. I > would like to implement WPA on our wireless network but in my reading > all the explanations I have come across state that you have to store > user passwords in clear text rather then hash form.
I think it's dependent on how you're implementing your RADIUS server; we've done testing with FreeRADIUS authenticating to a SunONE LDAP, which is storing everything hashed, and it works fine. Check out the documentation for your RADIUS server, specifically the section that documents the differences between PAP and CHAP authentication. --Matt -- Matt Gracie (716) 888-2403 Information Security Administrator [EMAIL PROTECTED] Canisius College ITS 425531N / 0785109W http://www2.canisius.edu/~graciem/graciem_public_key.gpg ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
