Mircea Harapu wrote:
PAP sends the following radius request:
User-Name = "Someuser"
User-Password = "somepassword"
HOWEVER, the User-Password field in a radius packet is defined by RFC to
be encrypted with the radius shared secret.
The pam_radius_auth is sending User-Password without beeing encrypted .
I have set the same shared secret in /etc/raddb/server and clients.conf
I believe you are incorrect. Have you looked at the actual packets on
the wire with a sniffer?
Remember, when FreeRadius displays the packet, it has already decrypted
it so of course you will see it in the clear in the FR debug output and
logs.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
