On Mon, Oct 23, 2000 at 14:51 +0200, Steven Thompson wrote:
I'm looking to set-up a Linux Dial-in server for any type of client. What is the most secure method of Authentication (eg Radius, PAP, CHAP).
This is the wrong wording (and maybe the wrong list). Radius is a backend at the NAS side and doesn't bother what went over the wire (as well as the clients don't have to know where the auth database lives at the NAS' side). And regarding PAP and CHAP: neither mechanism is "more secure" than the other, they're simply "secure in different ways". While PAP transmits the password in clear over the wire, it allows for encrypted passwords in the auth database. While CHAP transmits encrypted passwords, the NAS has to keep the cleartext version to verify it. It depends on which component you consider most vulnerable -- do you trust your ISP more than the customers? :> You might want to go and search in de.alt.comm.isdn4linux (don't worry, it's bilingual). Or you want to read the FAQ at www.isdn4linux.de which is available in German as well as in English. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.