(RADIATOR) CHAP and PAP
Hugh Irvine
hugh at open.com.au
Thu Oct 26 17:49:36 CDT 2006
Hi Mike -
As you suggest below, you can use "{clear}password" just for those
users who need it and leave the rest as they are.
See sections 12.1.1 and 12.1.2 in the Radiator 3.15 reference manual
("doc/ref.html").
regards
Hugh
On 27 Oct 2006, at 07:53, Mike Gomez wrote:
> Hi All,
>
> I've run into a bit of a problem that I'm hoping I can figure out
> without
> having to do too much of an overhaul on our mysql database. ;)
> We've been
> using Radiator and PAP authentication for years (using just
> standard unix
> encryption on passwords). We've just recently switched dialup
> providers, and
> some of the Qwest numbers they use only allow CHAP.
>
> It's only for a small subset of my users that this is causing a
> problem for
> (150 out of the 12,000 or so in the database). Since my passwords
> aren't in
> clear text, CHAP won't work. From what I've read, I believe I
> could change
> all of my users to clear text passwords and then both PAP and CHAP
> would
> work, but I'd honestly like to avoid making changes to all 12,000
> users and
> just change the 150 that are having problems.
>
> We use the EncryptedPassword option, since we don't have {crypt}
> specified
> before each password. Is there any way I could just change the
> problem users
> to have their passwords set as "{clear}password" in mysql and not
> have to end
> up changing all of the rest of the passwords (either to clear text,
> or by
> putting {crypt} in front of them)? I'm reading through the
> reference manual,
> but the only way I can see to do this is either by changing
> everyone to clear
> text, or using the {} before each user's password to describe
> whether it's
> encrypted of not.
>
> Thanks in advance for any help! :)
> --
> Mike Gomez
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
Includes support for reliable RADIUS transport (RadSec),
and DIAMETER translation agent.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list