Storing passwords

Username and password combinations have to be stored somewhere. The following list mentions some of the popular places:

Text files: You should be familiar with this method by now.
SQL databases: FreeRADIUS includes modules to interact with SQL databases. MySQL is very popular and widely used with FreeRADIUS.
Directories: Microsoft's Active Directory or Novell's e-Directory are typical enterprise-size directories. OpenLDAP is a popular open source alternative.

The users file and the SQL database that can be used by FreeRADIUS store the username and password as AVPs. When the value of this AVP is in clear text, it can be dangerous if the wrong person gets hold of it. Let's see how this risk can be minimized.

Hash formats

To reduce this ...

Get FreeRADIUS Beginner's Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

FreeRADIUS Beginner's Guide by Dirk van der Walt

Storing passwords

Hash formats

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly