Fwd: (RADIATOR) PEAP and Unix crypt passwords?

Mike McCauley mikem at open.com.au
Wed Feb 26 16:22:36 CST 2003 

Hello all,


On Thu, 27 Feb 2003 08:29 am, Hugh Irvine wrote:
> Mikey -
>
> I would like to know the answer to this too.
>
> cheers
>
> Hugh
>
> Begin forwarded message:
> > From: John McFadden <dasjlm at uwo.ca>
> > Date: Thu Feb 27, 2003  07:38:41 Australia/Melbourne
> > To: radiator at open.com.au
> > Subject: (RADIATOR) PEAP and Unix crypt passwords?
> >
> > I'm starting to look at how to set up Radiator to support PEAP and our
> > Nescape LDAP server.
> > I just wondering if I'm going to run into the same issue as I did with
> > PPTP and LDAP.
> >
> > Can I use PAP over PEAP so I can use plain text passwords against by
> > Unix crypt passwords
> > or does PEAP force me to use MS-CHAP which means I need plain text of
> > MD4 passwords in
> > my LDAP server?

This is really a question about clients, but I can tell you this:

The PEAP supporting clients that I know of (Windows XP and 2000) currently 
only support MSCHAPV2, which requires a plaintext password available to 
Radiator in the user database.

I dont know that any client supports PAP over PEAP, but if you can find a 
client that will do that, it _should_ be compatible with non-plaintext 
passwords in the user database. Caution: we have not tested this here.


Cheers.

> >
> > Thanks in advance
> >
> > John McFadden
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
>
> NB: have you included a copy of your configuration file (no secrets),
> together with a trace 4 debug showing what is happening?

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list