Fwd: (RADIATOR) PEAP and Unix crypt passwords?

Tom Rixom tom.rixom at alfa-ariss.com
Thu Feb 27 06:31:52 CST 2003 

small question about the the PAP through EAP.

Wouldn't you have to develop an EAP-PAP module on both the client
and server side?

I don't think it is possible to send plain PAP through PEAP only
PAP wrapped in EAP.

Tom Rixom.

> -----Original Message-----
> From: Mike McCauley [mailto:mikem at open.com.au]
> Sent: Wednesday, February 26, 2003 11:23 PM
> To: Hugh Irvine; John McFadden; radiator at open.com.au
> Subject: Re: Fwd: (RADIATOR) PEAP and Unix crypt passwords?
> 
> 
> Hello all,
> 
> 
> On Thu, 27 Feb 2003 08:29 am, Hugh Irvine wrote:
> > Mikey -
> >
> > I would like to know the answer to this too.
> >
> > cheers
> >
> > Hugh
> >
> > Begin forwarded message:
> > > From: John McFadden <dasjlm at uwo.ca>
> > > Date: Thu Feb 27, 2003  07:38:41 Australia/Melbourne
> > > To: radiator at open.com.au
> > > Subject: (RADIATOR) PEAP and Unix crypt passwords?
> > >
> > > I'm starting to look at how to set up Radiator to support 
> PEAP and our
> > > Nescape LDAP server.
> > > I just wondering if I'm going to run into the same issue 
> as I did with
> > > PPTP and LDAP.
> > >
> > > Can I use PAP over PEAP so I can use plain text passwords 
> against by
> > > Unix crypt passwords
> > > or does PEAP force me to use MS-CHAP which means I need 
> plain text of
> > > MD4 passwords in
> > > my LDAP server?
> 
> This is really a question about clients, but I can tell you this:
> 
> The PEAP supporting clients that I know of (Windows XP and 
> 2000) currently 
> only support MSCHAPV2, which requires a plaintext password 
> available to 
> Radiator in the user database.
> 
> I dont know that any client supports PAP over PEAP, but if 
> you can find a 
> client that will do that, it _should_ be compatible with 
> non-plaintext 
> passwords in the user database. Caution: we have not tested this here.
> 
> 
> Cheers.
> 
> > >
> > > Thanks in advance
> > >
> > > John McFadden
> > >
> > > ===
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on radiator-announce at open.com.au
> > > To unsubscribe, email 'majordomo at open.com.au' with
> > > 'unsubscribe radiator' in the body of the message.
> >
> > NB: have you included a copy of your configuration file (no 
> secrets),
> > together with a trace 4 debug showing what is happening?
> 
> -- 
> Mike McCauley                               mikem at open.com.au
> Open System Consultants Pty. Ltd            Unix, Perl, 
> Motif, C++, WWW
> 24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
> Phone +61 3 9598-0985                       Fax   +61 3 9598-0955
> 
> Radiator: the most portable, flexible and configurable RADIUS server 
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, 
> EAP, TLS, 
> TTLS, PEAP etc on Unix, Windows, MacOS etc.
> 
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
> 
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list