(RADIATOR) CHAP and PAP

Hugh Irvine hugh at open.com.au
Thu Oct 26 17:49:36 CDT 2006


Hi Mike -

As you suggest below, you can use "{clear}password" just for those  
users who need it and leave the rest as they are.

See sections 12.1.1 and 12.1.2 in the Radiator 3.15 reference manual  
("doc/ref.html").

regards

Hugh


On 27 Oct 2006, at 07:53, Mike Gomez wrote:

> Hi All,
>
> I've run into a bit of a problem that I'm hoping I can figure out  
> without
> having to do too much of an overhaul on our mysql database. ;)   
> We've been
> using Radiator and PAP authentication for years (using just  
> standard unix
> encryption on passwords).  We've just recently switched dialup  
> providers, and
> some of the Qwest numbers they use only allow CHAP.
>
> It's only for a small subset of my users that this is causing a  
> problem for
> (150 out of the 12,000 or so in the database).  Since my passwords  
> aren't in
> clear text, CHAP won't work.  From what I've read, I believe I  
> could change
> all of my users to clear text passwords and then both PAP and CHAP  
> would
> work, but I'd honestly like to avoid making changes to all 12,000  
> users and
> just change the 150 that are having problems.
>
> We use the EncryptedPassword option, since we don't have {crypt}  
> specified
> before each password.  Is there any way I could just change the  
> problem users
> to have their passwords set as "{clear}password" in mysql and not  
> have to end
> up changing all of the rest of the passwords (either to clear text,  
> or by
> putting {crypt} in front of them)?  I'm reading through the  
> reference manual,
> but the only way I can see to do this is either by changing  
> everyone to clear
> text, or using the {} before each user's password to describe  
> whether it's
> encrypted of not.
>
> Thanks in advance for any help! :)
> -- 
> Mike Gomez
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.



NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/ 
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list