(RADIATOR) Wireless Authentication question
mikem at open.com.au
Mon Feb 2 17:31:28 CST 2004
On Tue, 3 Feb 2004 07:57 am, Joe Honnold wrote:
> I have an LDAP infrastructure that is using SHA1 encrypted passwords.
> After testing TTLS<->PAP with the Odessy client the decision was made
> not to move forward with it.
> I need to take a closer look at LEAP.
> I am looking for some advise on the following:
> I was hoping I can get Radiator to authenticate to a CGI running on a
> web server which is then bound to LDAP. I am not sure whether this
> makes sense or not???
Yes, that is possible, but I dont think it will help you with your LEAP
access. In order to authenticate LEAP, the authenticator needs access to the
plaintext or reversibly encrypted password. It will not be possible to
authenticate LEAP against SHA1 encrypted passwords (SHA1 is a one-way hashing
The only way you will get LEAP to work with LDAP is to put plaintext or RCrypt
encrypted passwords in the LDAP database, or else use TTLS-PAP, which will
work with any type of encrypted or non-encrypted password database.
Hope that helps.
> Do you think it an be done? What are the gotta's?
> I see the process as this.
> Client<--->AP<--->Radius<--->Web Server CGI<--->LDAP
> With LEAP is the auth request encrypted to the AP?
> Thanks in advance.
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
Mike McCauley mikem at open.com.au
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.open.com.au
Phone +61 7 5598-7474 Fax +61 7 5598-7070
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator