"Christian Poessinger" <[EMAIL PROTECTED]> wrote:
> I'm really getting confused now ... is it actually possible to use
> md5 hashed passwords in a sql backend and doing EAP-TTLS for
> authenticating wireless clients?
http://deployingradius.com/documents/protocols
tunneled Access-Reject
>
>
> error when doing EAP. With radtest it works fine.
>
> -CP
I'm really getting confused now ... is it actually possible to use md5
hashed
passwords in a sql backend and doing EAP-TTLS for authenticating wireless
clients?
I had a little look at t
[EMAIL PROTECTED]
wrote:
> [EMAIL PROTECTED]
> wrote:
>>
>> Please read the EARLIER messages in the debug log. It's obvious
>> that the password was NOT read from SQL, so authentication will not
>> work.
>>
>> Get the server to read the password from SQL. Debug log WILL SAY
>> when the ap
[EMAIL PROTECTED]
wrote:
>
> Please read the EARLIER messages in the debug log. It's obvious
> that the password was NOT read from SQL, so authentication will not
> work.
>
> Get the server to read the password from SQL. Debug log WILL SAY
> when the appropriate user entry is matched.
>
"Christian Poessinger" <[EMAIL PROTECTED]> wrote:
> Changed the content of the SQL Attribute field to 'User-Password' but I
> still get the same error.
>
> ---
> modcall: leaving group authorize (returns ok) for request 4
> rad_check_password: Found Auth-Type PAP
> auth: type "PAP"
> Proc
[EMAIL PROTECTED]
wrote:
> "Christian Poessinger" <[EMAIL PROTECTED]> wrote:
>> Well, changing it to MD5-Password results in
>
> In 1.1.x, use "User-Password"
Changed the content of the SQL Attribute field to 'User-Password' but I
still
get the same error.
---
modcall: leaving group auth
"Christian Poessinger" <[EMAIL PROTECTED]> wrote:
> Well, changing it to MD5-Password results in
In 1.1.x, use "User-Password"
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[EMAIL PROTECTED] wrote:
> "Christian Poessinger" <[EMAIL PROTECTED]> wrote:
>> As I have to use the SQL attribute field with 'Crypt-Password' in it
>
> Why? Why not just change that?
>
> Alan DeKok.
Well, changing it to MD5-Password results in
-
rlm_sql (sql): No matching en
"Christian Poessinger" <[EMAIL PROTECTED]> wrote:
> As I have to use the SQL attribute field with 'Crypt-Password' in it
Why? Why not just change that?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
aving group PAP (returns fail) for request 4
auth: Failed to validate the user.
TTLS: Got tunneled reply RADIUS code 3
TTLS: Got tunneled Access-Reject
-
Anyone has an Idea how to use the MD5 hashed Passwords in the Database with
EAP-TTLS for authentication? I appended my radius configurati
aving group PAP (returns fail) for request 4
auth: Failed to validate the user.
TTLS: Got tunneled reply RADIUS code 3
TTLS: Got tunneled Access-Reject
-
Anyone has an Idea how to use the MD5 hashed Passwords in the Database with
EAP-TTLS for authentication? I appended my radius configurati
Robert Yeo <[EMAIL PROTECTED]> wrote:
> After reading the documentation, it seems that when TTLS or PEAP is used,
> there needs to be a text file or database with usernames and passwords in
> clear text
No. TTLS & PEAP have tunneled authentication methods. Those
tunneled authentication methods
On Wed, 16 Jun 2004, Robert Yeo wrote:
> After reading the documentation, it seems that when TTLS or PEAP is used,
> there needs to be a text file or database with usernames and passwords in
> clear text
PEAP needs clear text
TTLS depends on the inner authentication mechanism. If you use PAP you
After reading the documentation, it seems that when TTLS or PEAP is used,
there needs to be a text file or database with usernames and passwords in
clear text
...
Currently, what we have is a MSSQL database which has a table of usernames
and passwords hashed using MD5... there is also a procedure
<[EMAIL PROTECTED]> wrote:
> Questions: Are there any authentication protocols (that can use MD5 hashed
> passwords) that I could use to authenticate the wireless users?
No.
> I read the section about using PAP, but should I use it, does it
> mean that the user/pass will b
gt; move away from using MAC filters (for about 250 users so far) and use a
> radius solution. The students each have access to a portal, but the
> passwords are all hashed with MD5 and stored in a MSSQL database.
>
> Questions: Are there any authentication protocols (that can use MD5 has
Hi Tim.
If you want to use encryption for your ppp users you need to drop md5 hashing of your
sql passwords.
Just sync your old SQL database with a new one for radius only and put unencrypted
passwords there.
You can use md5 hashed passwords but then you will not be able to use crypto for your
adius solution. The students each have access to a portal, but the
passwords are all hashed with MD5 and stored in a MSSQL database.
Questions: Are there any authentication protocols (that can use MD5 hashed
passwords) that I could use to authenticate the wireless users? I read the
section about usi
there is no way to use CHAP - envelopped in whatever - with crypted
passwords. the only remaining way is thus PAP, if you insist on hashed
passwords. PEAP does not support PAP.
=> use EAP-TTLS/PAP and you can use crypted passwords locally.
CHAP *is* already a hash. it thus needs the original cl
Christophe Saillard <[EMAIL PROTECTED]> wrote:
> Here's what I want to do :
>
> - EAP-TTLS or PEAP authentication with login/password in the second
> phase (no EAP-TLS)
> - Users are stored in the local Freeradius Database with Crypt-password
> attributes (MD5 hashed, because logins and passwor
Hi,
Here's what I want to do :
- EAP-TTLS or PEAP authentication with login/password in the second phase (no
EAP-TLS)
- Users are stored in the local Freeradius Database with Crypt-password
attributes (MD5 hashed, because logins and passwords come from a Unix User
Database)
- Authentication le
21 matches
Mail list logo
