FreeRadius and md5 hashed passwords

Martin Jessa freebsd at yazzy.org
Tue Sep 16 20:49:29 PDT 2003


Great! It worked.
Thanks a bunch Andy :)

rlm_pap: Using MD5 encryption.
rlm_pap: User authenticated succesfully
  modcall[authenticate]: module "pap" returns ok
modcall: group authtype returns ok
Sending Access-Accept of id 216 to 127.0.0.1:58965


On Wed, 17 Sep 2003 15:28:18 +1200
Andrew Thompson <andy at fud.org.nz> wrote:

> Martin Jessa wrote:
> > Hi Scott, guys.
> > 
> > I am stucked. I made some changes in the config file and added Auth-Type to the radgroupcheck table (which was previously empty) and now I cannot authenticate at all.
> > Seems like the problem is somewhere else.
> > 
> > My radiusd.conf:
> > 
> > modules {
> >         mschap {
> >                 authtype = MD5
> >                         use_mppe = yes
> >                         require_encryption = yes
> >                         require_strong = yes
> >                         encryption_scheme = md5
> >         }
> > 
> >
> 
> My understanding was that chap required the password on the sever to be 
> in plain text, so MD5 could not be used.  The response from the client 
> is encrypted with the password, so if its also encrypted locally, it 
> cant be checked.
> 
> You may need to use pap.
> 
> 
> Andy
> 
> _______________________________________________
> freebsd-isp at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"




More information about the freebsd-isp mailing list