Hi, > Thanks for the mail Alan. I don't agree with your comment that it is *not* > RADIUS if we choose SHA1 over MD5. RADIUS supports SHA1 hashed > user-password attribute. Following link confirms it.
are you talking about changing user passwords (as i first assumed) or are you talking about changing the way RADIUS packets are passed (as Alan mentioned)? if the former, then no code changes are needed on the server...it takes SHA1 fine. it you are talking about doing SHA1 for the shared secret - which then encrypts the payload for passwords access-requests - then thats playing with RADIUS specification... and if you are thinking of doing that then I'd say STOP and use RADSEC instead. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html