"Berry, William" <[EMAIL PROTECTED]> wrote: > Personally think that clear text is bad as anyone intercepting the packets > can easily pick up anything in clear text.
RADIUS passwords are encrypted. Connections from FreeRADIUS to an LDAP server should be encrypted using ldaps, or starttls. Using clear-text passwords make it a LOT easier to manage different authentication types. The NT-Password is "clear-text equivalent" in security terms, which means that it's as good as the clear-text password for many purposes. The only thing that NT-Password "gains" is the inability to do CHA. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
