[RADIATOR] BCRYPT

[Heikki Vatiainen]

On 08/25/2011 12:24 PM, Heikki Vatiainen wrote:

Hello Derek,

> On 08/24/2011 03:36 PM, Derek Buttineau wrote:

>> I was actually thinking of AuthBy SQL.  We're currently using UNIX crypt, but realized it's time to improve security.  I'm being told that bcrypt is the way to go (OpenBSD style 2a/2y).  So I guess wait for 4.8 or the patches to be issued?

> So the additional hash types may require more work than I originally
> thought. We'll need to check a bit more how to do this. I'll keep you
> and the list posted.

Radiator 4.9 now has more hash types supported. You may want to see if
these are useful to you.

>From the list of changes:

Added support for passwords encrypted with $2a$, $2x$ and $2y$
blowfish crypt and $5$ SHA-256 crypt (where supported by the
underlying crypt()). Improvements to support rounds= notation in
SHA-256, SHA512 crypt.


Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.