2018-05-09 - Re: [GRASE-Hotspot] About radpostauth table’s pass field

Header Data

From: Timothy White <ti***8@gmail.com>
Message Hash: 7cf35d6adf5114bba7570c2afd8fc8edffca1d5a9a9e4981d4d02c7eed735331
Message ID: <CAESLx0Jv4Ntaj0zOR+2hkoz6m3BLue=qnhPN3+d9z6Vkn9fr-g@mail.gmail.com>
Reply To: <aa9f1685-f94d-468d-b769-1f2fef2e2577@grasehotspot.org>
UTC Datetime: 2018-05-09 13:44:53 UTC
Raw Date: Wed, 09 May 2018 20:44:53 +0000

Raw message

Hi Postaemre

Because we do CHAP authentication, the plaintext password the user types in
is never sent to the server. A CHAP challenge and response is, which isn't
reversible to see what the client typed in. Unfortunately for your use
case, you can never get the plaintext password that the user typed in.

Regards

Tim

On Wed, 9 May 2018 at 21:28, postaemre <po***e@gmail.com> wrote:

> Hi Tim
>
> Users sometimes write their passwords incorrectly. I can see incorrect
> access requests from the RADPOSTAUTH table, but I can not see what they are
> doing when writing the password. Plain text passwords do not go to the
> PASS field. Only the CHAP-Password value is written here. Sometimes it is
> useful to tell users that HOTSPOT is working, but they have entered the
> wrong password and even the mistake they have made is that.
>
> In the /etc/freeradius/sql.conf file and
> /etc/freeradius/sql/mysql/dialup.conf, I saw the sql lines that sent values
> for the RADPOSTAUTH table.
>
> I've done experiments in these areas. I created a new column. I wanted to
> print the plain password value here, but again I realized that the value
> was empty.
>
> Can you help me?
>
> Thank you...
>
> --
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to gr***e@grasehotspot.org.
> To post to this group, send email to gr***t@grasehotspot.org.
> Visit this group at
> https://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/aa9f1685-f94d-468d-b769-1f2fef2e2577%40grasehotspot.org
> <https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/aa9f1685-f94d-468d-b769-1f2fef2e2577%40grasehotspot.org?utm_medium=email&utm_source=footer>
> .
>

Thread

• Return to May 2018

• Return to “postaemre <po***e@gmail.com>”

• Return to “Timothy White <ti***8@gmail.com>”

• 2018-05-09 (Wed, 09 May 2018 04:28:55 -0700) - About radpostauth table’s pass field - postaemre <po***e@gmail.com>
  • 2018-05-09 (Wed, 09 May 2018 20:44:53 +0000) - Re: [GRASE-Hotspot] About radpostauth table’s pass field - Timothy White <ti***8@gmail.com>