[strongSwan] eap-radius and ssha passwords
Thomas Will
thomas.will at xinux.de
Sun Feb 22 20:27:09 CET 2015
clear text password should be possible with peap and leap ....
I brought it to work with freeradius - ldap
http://deployingradius.com/documents/protocols/compatibility.html
Am 22.02.15 um 19:31 schrieb Alexey Beketov:
>
> Hello,
>
> I'm trying to make strongswan authorize and authenticate against
> freeipa through eap-radius. Client is my android phone and strongswan
> app (I'd like to use MOBIKE).
> I've sucessfully configured freeradius to query freeipa via ldap protocol.
> After some playing I've figured out that freeipa stores passwords in
> ssha hash. So to got everything work freeradius needs passwords in
> clear-text or ssha.
> The only way I got IPSEC to work on my phone is using xauth + psk and
> native android vpn client. But that way is using ikev1 and thus I
> can't use MOBIKE.
> My question: Is there any way to use eap-radius and ssha passwords to
> get ikev2 support?
> May be it is possible to pass clear-text passwords using eap-radius?
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150222/44580099/attachment.html>
More information about the Users
mailing list