[pptp-server] Using encrypted passwords in the chap-secrets file

David Luyer luyer at zip.com.au
Tue Nov 30 18:17:19 CST 1999


> Someone needs to take the time to dup what NT does re PPTP.
> NT offers the option of either authenticating relative to NT domain
> or RADIUS realm.  The Linux analog would be to authenticate
> relative to the password file or RADIUS.
> 
> I assume the lack of response to Joakim's question indicates this
> has NOT been done for Linux?

It's done for Linux in that MSCHAP is available as an auth method, as is
radius, erpc, anything you could possibly want, but nobody has the time to
document all the different options and explain why they are all done as they
are done.  Basically there's a heap of pppd's out there, choose at will.

For pure CHAP, you need unencrypted passwords.  Hashing them is a futile
attempt to conceal them.

David.
-- 
David Luyer                           . .           www.zipworld.net
Network Engineer                    .  zipworld         Zip World is
Phone: +61 2 9253 5755              .     .      proudly part of the
Fax:   +61 2 9247 5276                . .     Pacific Internet Group






More information about the pptp-server mailing list