Summary
This chapter looked at authentication in FreeRADIUS. Specifically, we have covered:
- Authentication protocols: There are three popular authentication protocols, namely, PAP, CHAP, and MS-CHAP. PAP is the least secure in certain situations but also the most versatile.
- How FreeRADIUS handles Access-Requests: When an
Access-Requestreaches the FreeRADIUS server theauthorizesection defined in the virtual server determines which authentication method will be used. The value ofAuth-Typeindicates which authentication section will be used. - Password storing: Passwords do not need to be stored in clear text and it is better to store them in a hashed format. There are, however, limitations to the kind of authentication protocols that can be used when the passwords are stored as a hash.
Now that we've learned more about authentication, especially about the storing of usernames and passwords in the users file, we're ready to connect to alternative sources of usernames and passwords...
