Fwd: Re: (RADIATOR) mysql with linux passwords

Mike McCauley mikem at open.com.au
Wed Jun 20 09:25:06 CDT 2001


Hello Mickey,


On Jun 19,  6:46pm, Hugh Irvine wrote:
> Subject: Fwd: Re: (RADIATOR) mysql with linux passwords
>
> >  >Received: (from majordomo at localhost)
> >	by server1.open.com.au (8.11.0/8.11.0) id f5IFvIp12122
> >	for radiatorzz-list; Mon, 18 Jun 2001 10:57:18 -0500
> >X-Authentication-Warning: server1.open.com.au: majordomo set sender
> >to owner-radiator at open.com.au using -f
> >X-Sender: mick at trumpet.psinet.ch
> >Date: Mon, 18 Jun 2001 19:52:04 +0200
> >To: radiator at open.com.au
> >From: radiator at int.ch
> >Subject: Re: (RADIATOR) mysql with linux passwords
> >X-OriginalArrivalTime: 18 Jun 2001 17:52:09.0890 (UTC)
> >FILETIME=[659DF820:01C0F81F]
> >Sender: owner-radiator at open.com.au
> >
> >Hi,
> >
> >I am using PAP authentication.
> >
> >What exactly does "encrypted passwords" mean in this context?

Anything other than plaintext.


> >
> >I can get the short "unix crypt" passwords to work, but not
> >something longer like MD5 - either "raw" or as in the gnu/linux
> >/etc/shadow file.
If the check item you are using is 'Password' or 'User-Password', then the
password in your database can be in any of these forms:

type			example
plaintext		fred
unix crypt		{crypt}1xMKc0GIVUNbE
SHA			{SHA}0DPiKuNIrrVmD8IUCuw1hQxNqZc=
MD5			$1$cTpht$Obu9PLSMst1TDou.mN5bk0
MD5 (mime)		{MD5}VwqQv7+MfqtdxdTiaDLVsQ==

If the check item is 'Encrypted-Password', you can use:
unix crypt		{crypt}1xMKc0GIVUNbE
unix crypt		1xMKc0GIVUNbE
SHA			{SHA}0DPiKuNIrrVmD8IUCuw1hQxNqZc=
MD5			$1$cTpht$Obu9PLSMst1TDou.mN5bk0
MD5 (mime)		{MD5}VwqQv7+MfqtdxdTiaDLVsQ==

You can probably conclude from this that the only difference between
User-Password and Encrypted-Password is how a bare unintroduced sequence of
characters is to be interpreted, either as plainext or as unix crypt.

Hope that helps.

Cheers.


> >
> >Thanks for any hints!
> >
> >Mickey
> >
> >At 18:38 18-06-01, Hugh Irvine wrote:
> >-----Start of Original Message-----
> >
> >Hello Mickey -
> >
> >You can only use encrypted passwords in the database if you are
> >using PAP authentication. Conversely, you can only use CHAP
> >authentication with plain-text passwords in the database.
> >
> >hth
> >
> >Hugh
> >
> >
> >At 10:01 PM +0200 6/16/01, radiator at int.ch wrote:
> >>Hi,
> >>
> >>Can I use linux password format ($1$13011b20$YckqUo2rgcod2yvyLOHI)
> >>with mysql?
> >>
> >>I've tried, and it does not seem to work, but perhaps I'm
> >>just doing something wrong.  Clear text passwords in the
> >>mysql database work fine.
> >
> >===
> >Archive at http://www.open.com.au/archives/radiator/
> >Announcements on radiator-announce at open.com.au
> >To unsubscribe, email 'majordomo at open.com.au' with
> >'unsubscribe radiator' in the body of the message.
>
> --
>
> NB: I am travelling this week, so there may be delays in our correspondence.
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
>-- End of excerpt from Hugh Irvine



-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list