I am trying to decrypt the password sent from a NAS device to a RADIUS server. I know the shared-secret key and have entered it in Preferences-->Protocols-->Radius-->Shared Key However in the wireshark decode, I would expect the password to be shown. However it doesn't appear to decode/decrypt properly. What am I missing? asked 09 Apr '14, 09:35  jimmy-work |
One Answer:
RADIUS generally just carries the password as supplied by the client as it is. So it is up to the client to use whatever scheme like PAP,CHAP, PEAP to encrypt the password, which the RADIUS server will then send to the authenticating server via say LDAP or a SQL database for verification. The shared key is used for the client (say a switch, wireless access point) to be able to authenticate the and trust the RADIUS server it is sending requests to. answered 10 Apr '14, 00:29  martyvis edited 10 Apr '14, 00:31 |
