[Serusers] radius and md5

sip sip at arcdiv.com
Mon Jan 30 16:20:59 CET 2006


I think the limitation may be on the client side for that. Usually,
username/password authentication is done using a www_challenge response (which
uses md5 hashes to send data so it's not wholly insecure). Since this is being
done, all your Radius server will get is likely to be md5'd passwords. 

I'm not sure it could be done without rewriting SOMEthing. At the very least,
you'd have to rewrite the auth_radius module to handle something other than a
digest response. 

N.

On Mon, 30 Jan 2006 16:05:20 +0100, Zoran Milic wrote
> I have a custom-made RADIUS server, which doesn't use md5, and I'm 
> not keen on writing md5 hashing functions. Besides, my RADIUS server is 
> in the same room as the SER server so I am not afraid of sniffing or 
> something. Has anybody tried it without MD5? (that is, if there is 
> a way to do so.)
> 
>        Zoran
> 
> On Monday 30 January 2006 15:30, sip wrote:
> > On Mon, 30 Jan 2006 15:27:11 +0100, Zoran Milic wrote
> >
> > > Hi,
> > >  Is it possible to use radius WITHOUT MD5 hashing? Instead, I wish
> > > to send user and pass as plain text.
> >
> > You really DON'T want to do that. You only THINK you do. ;)
> >
> > Seriously, though, why would you want to try and bypass your own best hope
> > of password security?
> >
> > N.
> 
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
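
Added example, not part of the original message or of SER's auth_radius code: the RFC 2617 digest check a RADIUS backend has to perform when it is handed a digest response instead of a password. The function names, the field layout and the sample values are assumptions made for illustration.

```python
import hashlib
import hmac


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri, nonce,
                    qop=None, nc=None, cnonce=None):
    """RFC 2617 request-digest, as the SIP client computes it."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")  # secret half
    ha2 = md5_hex(f"{method}:{uri}")                 # request half
    if qop == "auth":
        return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")           # challenge without qop


def radius_verify(stored_password, method, fields):
    """Hypothetical server-side check: the password never arrives, so the
    server recomputes the digest from its own copy and compares."""
    expected = digest_response(
        fields["username"], fields["realm"], stored_password, method,
        fields["uri"], fields["nonce"],
        fields.get("qop"), fields.get("nc"), fields.get("cnonce"))
    # Constant-time comparison of the two hex strings.
    return hmac.compare_digest(expected, fields["response"].lower())


# Constructed sample: what the proxy would forward for a REGISTER.
SAMPLE = {"username": "alice", "realm": "sip.example.invalid",
          "uri": "sip:sip.example.invalid", "nonce": "43de2f7a0001c0ffee"}
SAMPLE["response"] = digest_response(
    SAMPLE["username"], SAMPLE["realm"], "s3cret", "REGISTER",
    SAMPLE["uri"], SAMPLE["nonce"])

if __name__ == "__main__":
    print(radius_verify("s3cret", "REGISTER", SAMPLE))  # correct password
    print(radius_verify("wrong", "REGISTER", SAMPLE))   # wrong password
```

The forwarded fields contain no password, so a backend that only compares plain-text strings has nothing to compare against.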



