On 12 Nov 2012, at 10:24, Øystein Gyland <oyst...@usit.uio.no> wrote:
> On Fri, 2012-11-09 at 15:37 -0400, Chris Taylor wrote: > >> I setup tcpdump to dump to a file (tcpdump -i eth0 -n -s0 port radius >> -w rad-capture.lpc) , but when I check it out with wireshark I am >> unable to see the password (just the username). Am I going about this >> the wrong way? > > You can decrypt the password from the tcpdump capture with radsniff: > > radsniff -I rad-capture.lpc -s <shared-secret> Yes, but that's a PITA if you have multiple NAS with different shared secrets, hence suggesting using the server which has knowledge of all the client to secret associations. You can use tcpreplay to read packets back into the server from a PCAP file. -Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
