Hi,
> there are obviously different kinds of encryption and as you mention with
> out a key, decryption is not possible.
It's not only the question of a key, it's also a question of methods
used. Given a hash value (often called "encrypted password"), you
just can't get back to the clear text.
> that leaves public key based encryption. so, poptop can
> do ssl based encryption,
> can that be utilized to encrypt the transport in much the same way https
> encrypts http traffic?
Actually, RADIUS supports an authentication protocol called EAP-TLS which
essentially does just that. However, it requires eaach client to have
a certificate and be able to verify the authentication servers
certificate. Also client and server must support it.
> does anyone know if pptpd decrypts
> before it passes the string to freeradius for authentication?
Sorry, that's exactly what I have been trying to explain:
If you are using (MS-)CHAP, there is nothing which can be
decrypted (the password is only used to compute/verify some
hash value). Only if you are using PAP the password is contained
in the authentication request and only then whatever server
decrypts it (if it ever was encrypted) and reencrypts it in a different
way to send it to the radius server.
> just pass on the encrypted stream and thus tries
> to compare the mschapv2 encrypted stream with a md5 encrypted unix password?
> which lead to alan's response of "it won't work and never will".
If you're using (MS-)CHAP, "challenge" and "response" will be passed on
to the server, but to verify that the response matches the challenge,
you do _need_ the clear text password. And since it's impossible to
"decrypt" to "encrypted unix passwords" (which really are "hashed
passwords"), there's no way to make this work.
In short: You can either use (MS-)CHAP and store cleartext passwords
on the server (to be able to check that challenge and response do
match) or you can use PAP (i.e. transfer "cleartext" passwords when
authenticating) and e.g. check if the password has the correct
hash value stored on the server (e.g. an MD5-hash or a Unix hash).
[ For completness:
In the particular case of MS-CHAP, the first step in verification of
challenge/response is an encryption of the password, so it's sufficient
to store that intermediate result on the server (LM-Password and
NT-Password), but OTOH, that's also all an attacker needs to know, so
there's no real benefit in storing those in place of the real password.]
HTH,
Stefan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
