[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Can password-hash be database specific? also, storing and verifying cleartext passwords



> Thanks for everyone's help.  I don't want users passwords stored in
> clear text in the directory, so I've set the password-hash back to SSHA.
> Even when it was stored in cleartext, the passwords were base64 encoded
> and freeradius wasn't seeing that as a match.

Passwords are not *stored* base64-encoded; they're just presented
base64-encoded.  They're stored with their actual value.  The reason for
back64-encode them when presented is that octet-strings could be
non-printable.

p.