Re: FreeRadius + MySQL - Crypt-Passwrd in radcheck table

Mon, 19 Feb 2007 04:44:27 -0800 

Hi Alan,
This is me again asking for help and you are here to help. So you think that plain text is not unsecure? I was thinking about it and if my SQL system is secure, so my tables will be secure too. But, when a client sends a package in my network, someone else can see this with a spoofing software? 


So using version 1.1.4 I could not compile it to use MySQL. It always 
says that there is no rlm_sql library. I tryied many times, but 
nothing... Unfurtunately the documentation is mostly useless or spare...


Thank you for your time.

Alan DeKok escreveu:

Nataniel Klug wrote:

  

    Into radcheck table I have:

mysql> SELECT * FROM radcheck;
+----+----------+----------------+----+----------------------------------+
| id | UserName | Attribute      | op | Value                            |
+----+----------+----------------+----+----------------------------------+
|  1 | teste    | Crypt-Password | == | 42cbf4730aeac1d645324d4818104826 |
+----+----------+----------------+----+----------------------------------+

    


  Use ':=', not '=='.  See the rlm_sql documentation for why.


  

    The password was encrypted using PHP MD5 command and should be 8872. 
But when I use a radtest command the respose of my Radius is:
    


  Hmm.. Crypt-Password is for Unix crypt'd passwords, not MD5 hashed
passwords.


  

    I made the same in debug mode and radius just not get the password. 
I think it is not testing the 8872 password to see if it matches de MD5 
crypt. I tryed with "42cbf4730aeac1d645324d4818104826" as a password and 
it returned OK for the request. How can I do this work? I need that into 
MySQL table I have a crypted password (for security reasons)
    


  I disagree, but that's another story.


  

and I need 
that my clients can put a simple text password.
    


  In 1.1.4, you can put this into SQL:

Password-With-Header := "{md5}42cbf4730aeac1d645324d4818104826"

  That should work with the default config.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



  


--
Att,

NATANIEL KLUG
[EMAIL PROTECTED]


Cyber Nett - Internet Banda Larga
www.cnett.com.br
(42) 3635-2957
Rua Diogo Pinto, 1046, Centro
Laranjeiras do Sul - PR

Brasil - 85301-290 


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





















					Reply via email to