[freeside] Passwords over 12 chars
Kristian Hoffmann
khoff at pc-intouch.com
Sun Aug 31 22:08:31 PDT 2003
When freeside exports to radius, it assumes any password longer than 12
characters is a crypt password, following with the standard. This is done
because some people import crypt passwords into freeside and this is the
only real way to determine if a password is plain text or crypt.
To tell you the truth, I ran into the same problem. I'm planning on
writing a patch to fix it, but I don't know what the best way to fix it
would be. In the meantime, <horrible kluge>I just modified the passwords
in the exported radius database</horrible kluge>.
-Kristian
On Sun, 31 Aug 2003 troyh at netsignia.net wrote:
> > On Sat, Aug 30, 2003 at 06:42:09PM -0400, Rob Charles wrote:
> >> Anything after 8 characters does not matter anyways, it's a UNIX
> >> thing....
> >>
> >> :)
> I am not speaking of a unix password. I am speaking of a export with
> sqlradius. If the password is 13 or more then the attrb field is changed
> to Crypt-Password.
>
> >
> > Only with DES encrypted passwords. MD5 and Blowfish will encrypt a, for
> > practical purposes (IIRC, 1024), unlimited length password. Both those
> > also require a much wider encrypted password field.
> >
> > MD5 is the default on FreeBSD and my one Redhat 7.2 box. Blowfish is the
> > default on OpenBSD.
> >
> > --
> > Scott Lambert KC5MLE Unix
> > SysAdmin
> > lambert at lambertfam.org
> >
>
>
More information about the freeside-users
mailing list