FreeRadius and md5 hashed passwords

Andrew Thompson andy at
Tue Sep 16 20:28:24 PDT 2003

Martin Jessa wrote:
> Hi Scott, guys.
> I am stucked. I made some changes in the config file and added Auth-Type to the radgroupcheck table (which was previously empty) and now I cannot authenticate at all.
> Seems like the problem is somewhere else.
> My radiusd.conf:
> modules {
>         mschap {
>                 authtype = MD5
>                         use_mppe = yes
>                         require_encryption = yes
>                         require_strong = yes
>                         encryption_scheme = md5
>         }

My understanding was that chap required the password on the sever to be 
in plain text, so MD5 could not be used.  The response from the client 
is encrypted with the password, so if its also encrypted locally, it 
cant be checked.

You may need to use pap.


More information about the freebsd-isp mailing list