On Tue, Apr 27, 2010 at 1:17 AM, John Dennis <jden...@redhat.com> wrote:
> On 04/26/2010 05:33 PM, eric.hernan...@allegiantair.com wrote: > >> I see thats what I thought, I also confirmed its all clear text with >> tcpdump. >> >> If I were to switch my backend to an ldap system would I have encrypted >> traffic for user authentication with freeradius remote ldap/backend setup? >> > Or you could probably tunnel the traffic via SSH or some other encrypted medium. Given this will add overhead though I don't know to say how much in compared to other solutions, depending on your deployment I guess. Regards, Liran Tal. > Not currently, but I've got a patch for the 1.1.7 version of rlm_ldap, so > it might need some tweaking for 2.x > > > >> Also is there a nas/radacct table equivalent in the ldap solution or is >> it strictly for user authentication? >> > > Not currently, but I've got a patch for the 1.1.7 version of rlm_ldap, so > it might need some tweaking for 2.x > > FWIW, I don't have extra cycles at the moment. > > BTW, patching rlm_sql_mysql to use SSL wouldn't be hard. > > > -- > John Dennis <jden...@redhat.com> > > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html >
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html