<[EMAIL PROTECTED]> wrote:
What is the added benefit of something that is encrypted where
the algorithm & keys to decrypt are public knowlegde... There is no security there, just a false sense of the feeling.
If the key to decrypt the password is only known by the host running the radius server and the host with the webfrontend, which permits to enter the passwords in the ldap server running on a separate host, then IMO it is an improvement in security, isn't it?
Only if you trust the security of the LDAP server less than the security of the RADIUS server and the web front end. In the case of unencryted passwords stored in LDAP, it is as if the key to decrypt is known to the RADIUS server, the web front end and the LDAP server.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
