PEAP with sql - plain Identity
norboro at celpol.pl
Wed Feb 8 15:39:46 CET 2006
In 'Ralink Wireless Utility' -> '802.1x Setting'
I can choose 'PEAP' and foll 3 fields (with my example values):
1. Identyty = myidentyty
2. Login = mylogin
3. Password = mypass
(I set protocol as EAP-MSCHAP v2)
in freeradius users file I can write:
mylogin Auth-Type = EAP, User-Password := "mypassword"
So identity can by any word. I hope mylogin and mypassword is sent to radius encrypted, not as plain text.
But when I clear the users file and use sql I have a recerd in radcheck table:
id UserName Attribute op Value ... (other fields)
1 mylogin User-Password == mypassword ... (other values)
and in "Ralink...' I MUST (?) set (Identity = Login = mylogin) and Password = mypassword to be authorized in freeradius.
But isn't Identity sent as clear text ???
I want to set Identity as Client Name, not as his login, is it possible?
SQL queries check User-Name attribute and *I don't know how* put it to rlm_eap_peap and it says: Tunneled data is valid. (...) Success.
But I don't want to login be equals to identity...
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users