On Thu, 15 Jul 2004, Mitchell, Michael wrote: > In short, yes you need a clear text password at the server end. > > You have two choices: > a) store your passwords in your ldap database in clear test > b) use a reversible encryption algorithm to store your passwords, and > modify the rlm_ldap code to decrypt the user password as it pulls it out > of ldap.
You don't need to modify rlm_ldap, you can use an external program for that job. > > Regards, > Michael > > > -----Original Message----- > > From: Daniel Eyholzer [mailto:[EMAIL PROTECTED] > > Sent: Thursday, 15 July 2004 5:13 PM > > To: [EMAIL PROTECTED] > > Subject: LDAP and CHAP > > > > Hi there > > > > > > Im using 1.0.0-pre3 to authenticate users with ldap as > > backend. In the LDAP-tree I have md5 passwords. When I > > configure the Network Access Server to use PAP it works fine, > > but with CHAP it does not work. I have read that CHAP can not > > be used with encryptet passwords in the database, is that > > true? Is there no chance in using CHAP with md5 passwords in > > the LDAP-tree? > > > > I would be most grateful for any comments! > > > > > > Regards, Daniel > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html