[isf-wifidog] Radius Authetification and MS-CHAP

fathi at fathi.eu.org fathi at fathi.eu.org
Mer 31 Mar 17:35:51 EDT 2010

Hello and sorry for previously posting this message in french as I have
been confused by some google search results and though that the list was
accepting messages in french,

As you probably have guessed, I am new to wifidog but have managed to
install it and have it running since smoothly since some days.
I have set up some networks one of which authenticates against a long term
running radius server.

My problem is:
Radius user passwords are stored in adatabase in the following form:

UserName       | Attribute            | op | Value
Fathi Ben Nasr | Password-with-Header | := |
with some users as: 'Fathi Ben Nasr', 'fathi.bennasr', and others in
foreing character sets.
I then get the following messages in my radius log:

  rlm_chap: login attempt by "fathi.bennasr" with CHAP password
  rlm_chap: Could not find clear text password for user fathi.bennasr

As said previously, I don't store user passwords in clear text in the
database and can't change this rule.

My question is: it it possible to "tell" Wifidog-auth to send the password
in clear text and let the radius daemon manage to guess the correct
encoding to compare the provided password to the one stored in the
database (something ala ldap bind, you don't need to know how the
passwords are encoded in the ldap database backend) ?

Fathi B.N.

Plus d'informations sur la liste de diffusion WiFiDog