"Matt Ashfield" <[EMAIL PROTECTED]> wrote:
> I guess the obvious question is why can't the Radius server simply perform a
> bind attempt to the LDAP server during authentication, as opposed to trying
> to compare the password received by the authenticator to the ssha-1 password
> stored in ldap?
> I guess the obvious question is why can't the Radius server
> simply perform a bind attempt to the LDAP server during
> authentication, as opposed to trying to compare the password
> received by the authenticator to the ssha-1 password stored in ldap?
Because, in PEAP, the client doesn't sen
Hi,
> I guess the obvious question is why can't the Radius server simply perform
> a bind attempt to the LDAP server during authentication, as opposed to
> trying to compare the password received by the authenticator to the ssha-1
> password stored in ldap?
I guess the obvious answer is that it c
uly 17, 2006 7:51 PM
To: [EMAIL PROTECTED]; FreeRadius users mailing list
Subject: Re: 802.1x with mschap-radius-ldap with ssha-1 passwords
"Matt Ashfield" <[EMAIL PROTECTED]> wrote:
> I was afraid you'd say that. What would you suggest as a workaround for
this
> problem? Cou
"Matt Ashfield" <[EMAIL PROTECTED]> wrote:
> I was afraid you'd say that. What would you suggest as a workaround for this
> problem? Could I do EAP-TTLS using the securew2 client instead?
Yes.
> Or am I better off creating a 2nd password attribute on the LDAP
> directory that is maybe encoded
Could I do EAP-TTLS using the securew2 client instead?
Yes, that's an option. And since EAP-TTLS is a standard you'll be able
to have it work on a variety of clients (MAC OS, Pocket PC + SecureW2,
Palm-OS, linux).
Or am I
better off creating a 2nd password attribute on the LDAP directory th
t: Re: 802.1x with mschap-radius-ldap with ssha-1 passwords
"Matt Ashfield" <[EMAIL PROTECTED]> wrote:
> I'm trying to do 802.1x authentication using freeradius against an LDAP
> directory which stores the userPassword in an ssha-1 hash. My question is,
> is this possibl
"Matt Ashfield" <[EMAIL PROTECTED]> wrote:
> I'm trying to do 802.1x authentication using freeradius against an LDAP
> directory which stores the userPassword in an ssha-1 hash. My question is,
> is this possible? If so, how do I configure mschap for ssha-1 passwords?
You don't. It's impossible
8 matches
Mail list logo