(RADIATOR) Encrypted Password and PEAP

Mike McCauley mikem at open.com.au
Fri Jun 27 18:56:52 CDT 2003

Hello Peter,

On Sat, 28 Jun 2003 01:34 am, Peter Francis wrote:
> Hello:
> Does anyone know if it is possible to have PEAP query an LDAP or Kerberos
> database that uses encrypted passwords.

Its impossible to authenticate a PEAP password against the sort of encryption 
that is commonly used in LDAP or Kerberos.

It is possible to authenticate a PEAP password against a plaintext password, 
or a reversibly encrypted password (say, Rcrypt)  or against Windows domains 
using the new AuthBy LSA module.


> Peter Francis

Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list