[Openswan Users] Re: Aggressive mode client to Netscreen w/
leftid=email
mcr at xelerance.com
mcr at xelerance.com
Mon May 23 12:55:11 CEST 2005
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Paul" == Paul Wouters <paul at xelerance.com> writes:
>> Another question: does openswan support "CHAP" for Xauth?
Paul> No, XAUTH currently only supports passwords in
Paul> /etc/ipsec.d/passwd or PAM. You should be able to hook up PAM
Paul> to other things, such as radius though. See docs/README.XAUTH
There is an xauth method that uses MD5/CHAP to avoid sending the password.
It is not implemented at this time. It would be a matter of 3-5 days to
do so for openswan<->openswan.
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http://www.sandelman.ca/mcr/ www.xelerance.com/training/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQpH83IqHRg3pndX9AQFR0AP7B91zx6bGgFAwMMSQiTWxlC9xQPcoF0r8
04OUlO5ETqNhe3NavWc2ZZJ2Poh/i9VUMqZf8IidqLSZFJKgq4VVPpg9a5MjIlBf
CRKCJ9r6DuyvTpAN1N5gAPacxa54+/+JW/XU4B2OXdBY3azqh3IRbZcGxiE+ssQP
14Qe6kDOK6Y=
=BYt1
-----END PGP SIGNATURE-----
More information about the Users
mailing list