RE: (RADIATOR) Authentication via MySQL

Mon, 12 Jun 2000 07:22:30 -0700 

MySQL's PASSWORD() function uses a proprietary hash algorithm. Ms. Jung,
what you probably want to do instead (if you really want your passwords
encrypted), is to use MySQL's also-built-in ENCRYPT() function. Is does a
Unix-crypt compatible hash.

  ... SET ENCRYPTEDPASSWORD = ENCRYPT("mypassword") ...

It takes an optional second argument to use as the SALT for the hash, but
you shouldn't need that. :)

HTH...

Mike Nerone <mailto:[EMAIL PROTECTED]>
Network Operations Manager
Internet Direct, Inc.


> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Behalf Of Hugh Irvine
> Sent: Thursday, 08 June 2000 1853
> To: Patricia Jung; [EMAIL PROTECTED]
> Subject: Re: (RADIATOR) Authentication via MySQL
>
>
>
> Hello Patricia -
>
> On Fri, 09 Jun 2000, Patricia Jung wrote:
> > Hi Hugh and all :)
> >
> > On Thu, Jun 08, 2000 at 09:03:54AM +1000, Hugh Irvine wrote:
> > >
> > > Curious. The trace shows that the Access-Request is being
> accepted, however the
> > > accounting requests are being rejected due to bad
> authenticators. Have you got
> > Exactly...
> >
> > > always accept a user if the password field is NULL. It
> appears from the
> > > configuration file above, that you are looking at the second
> field in the SQL
> > > response rather than the first. You might try this:
> > My fault: one should never quote configfiles while debugging ;)
> >
> > The final solution: The PASSWORD-column in the MySQL-database
> includes a
> > password that was created by the
> MySQL-password('passwordtext')-statement.
> > The radpwtst-password-option, however, was followed by the
> plain passwordtext.
> > Thus, the string "passwordtext" was compared with "07213ca6267303ce",
> > and this is obviously not the same...
> >
> > Therefore I wonder whether it is possible to use
> MySQL-password() at all?
> >
>
> What sort of encryption does MySQL-password(...) use?
>
> thanks
>
> Hugh
>
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>


===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to