(RADIATOR) What's NT-MTA-MD5 ?

Mike McCauley mikem at open.com.au
Tue Feb 17 23:28:39 CST 2004


Hello Oscar,


Ws have now uploaded a new version of AuthGeneric that supports encrypted 
passwords in ancient Netscape Mail server format, prefixed by NS-MTA-MD5 like 
this. These passwords consist of 32 bytes of hex encoded MD5 hash, followed 
by 32 octets of salt (not hex encoded, although hex characters seem to be the 
norm in the salt):

{NS-MTA-MD5}b6b49e37d494a09bfde663033274bc83cd1bf318fa32c5866166a7edcb1e1c87

Please let me know how you get on.

Cheers.

On Wed, 18 Feb 2004 03:31 pm, Oscar Garzón wrote:

>
> Oscar.
>
>
>
>
> -----Mensaje original-----
> De: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au]En
> nombre de Mike McCauley
> Enviado el: sábado, 14 de febrero de 2004 06:23
> Para: Oscar L. Garzón; radiator at open.com.au
> Asunto: Re: (RADIATOR) What's NT-MTA-MD5 ?
>
>
> Hello Oscar,
>
> On Sun, 15 Feb 2004 03:51 am, Oscar L. Garzón wrote:
> > Hello, I already searched archive, but couldn`t find an answer. I'm tryng
> > to authenticate against a SunONE Directory Server...
> > Some of the passwords are encrypted using SHA1 ( By default ), and others
> > using MD5 (taken from a mail server), however I was expecting  $1 prefix
>
> in
>
> > MD5 ones... not {NT-MTA-MD5}.
> > Does Radiator support it? is there anything extra I should do?
>
> Radiator does not curently support that, but if you can send me a correct
> password that corresponds to an NS-MT-MDA5 password, we will try to add it.
>
> Cheers.
>
> > This is what I get.
> >
> > ------------
> >
> > When I try to authenticate a user whose password is stored in SHA I get
> >
> > radpwtst -user test1 -password 'hola123'
> > sending Access-Request...
> > OK
> >
> > radpwtst -user test1 -password
> > '{SSHA}wHFev3vKYvDM2/lDqx924jyw3sM7UepoS14OBw=='
> > sending Access-Request...
> > Rejected: Request Denied
> >
> > Log File looks like this
> > Thu Feb 12 18:33:15 2004: DEBUG: LDAP got userPassword:
> > {SSHA}wHFev3vKYvDM2/lDqx924jyw3sM7UepoS14OBw==
> >
> > ------------
> >
> > When I try to authenticate a user whose password is stored in MD5 I get
> > radpwtst -user test2 -password 'hola123'
> > sending Access-Request...
> > Rejected: Request Denied
> >
> > radpwtst -user test2 -password
>
> '{NS-MTA-MD5}525c347a78adc72d5aa2792d78ff3cd3cd1bf318fa32c5866166a7edcb1e1c
>
> >8 7'
> > sending Access-Request...
> > OK
> >
> >
> > Log File looks like this
> > Thu Feb 12 18:30:34 2004: DEBUG: LDAP got userPassword:
>
> {NS-MTA-MD5}525c347a78adc72d5aa2792d78ff3cd3cd1bf318fa32c5866166a7edcb1e1c8
>
> >7
>
> --
> Mike McCauley                               mikem at open.com.au
> Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
> 9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
> Phone +61 7 5598-7474                       Fax   +61 7 5598-7070
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP etc on Unix, Windows, MacOS etc.
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list