Thanks to all whom replied for your insight and direction.
Regards,
Chuck
On Fri, 2005-09-16 at 20:10, [EMAIL PROTECTED] wrote:
Hi,
You must have missed the information in RFC 2865 (RADIUS), which is also
a Fine Manual. The PAP password is XOR'd with the MD5 hash of
Hi All.
I have a few freeRADIUS newbie questions for you.
I have always read and been told that PAP is insecure because it
transmits passwords in clear text. However, If I sniff the communication
between my NAS and server when PAP is used, the password is indeed
obfuscated. It appears to be
Chuck Slate [EMAIL PROTECTED] wrote:
I have always read and been told that PAP is insecure because it
transmits passwords in clear text. However, If I sniff the communication
between my NAS and server when PAP is used, the password is indeed
obfuscated. It appears to be hashed.
Yes. The
You must have missed the information in RFC 2865 (RADIUS), which is also
a Fine Manual. The PAP password is XOR'd with the MD5 hash of the
shared secret and the authenticator.
You've been reading about the protocol prior to the RADIUS client's
involvment. The same thing applies to CHAP, just
Hi,
You must have missed the information in RFC 2865 (RADIUS), which is also
a Fine Manual. The PAP password is XOR'd with the MD5 hash of the
shared secret and the authenticator.
Yes, that's a bit clearer than saying the password is hashed, since it
also shows that the process is
5 matches
Mail list logo