Re: Using PEAP or EAP-TTLS on Linux/Unix without 802.1x?

2004-12-06 Thread Alan DeKok
"Steve Chan" <[EMAIL PROTECTED]> wrote:
> The problem is that for a large deployment (say, hundreds of client
> hosts), managing those secrets becomes an issue. If you share secrets
> then the compromise of 1 system reveals the secret for all systems
> sharing it, if you keep individual secrets

Re: Using PEAP or EAP-TTLS on Linux/Unix without 802.1x?

2004-12-06 Thread Steve Chan
Josh,

Thanks for the reply.

From Josh Howlett <[EMAIL PROTECTED]>
>
>The User-Password attribute is protected to a reasonable degree of
>security if you make the effort to generate (and protect) a "good"
>secret for your RADIUS peers. This generally satisfies the cryptowonks
>in the

Re: Using PEAP or EAP-TTLS on Linux/Unix without 802.1x?

2004-12-06 Thread Josh Howlett
Steve Chan wrote:
What we're looking to do is pass a cleartext password over a cryptographically secure Radius connection from Unix/Linux clients to a Radius server. Users will be trying to log in via ssh or on the console, and PAM is configured to go to Radius for authentication. The standar

Using PEAP or EAP-TTLS on Linux/Unix without 802.1x?

2004-12-06 Thread Steve Chan
Hello,

I'm researching what it would take to have strong encryption of the channel between Linux client machines and a FreeRadius server. It looks like FreeRadius supports PEAP and EAP-TTLS.

Both these are supported by the Open 802.1x package, however I am interested in using PEA