Setup authentication should be ready soon for gk 2.2 too. I think you should look deeper into radius protocol - we use chap password, because there is no other choice. We are receiving chap password from endpoints - and those password cannot be decrypted because chap password is a hash. So there is not way the gatekeeper can know clear text password. That's one of radius drawbacks - you need to keep clear text passwords in your backend. You can only do some tricks to encrypt/decrypt password in the database on the fly - so they are not directly visible to database administrators etc. It does also add some degree of protection - someone needs to steal not only the database, but also modules with enc/dec routines for your db installation. ----- Original Message ----- From: <gk@xxy.ro> Sent: Thursday, November 13, 2003 11:30 AM > > > 1. on what version are you developing new code 2.0 or 2.2 ? > > > > On both versions. But 2.2 branch is more likely to receive so > > called "experimental" features. > > I am a little puzzled, currently the v2.0 has Setup checking and v2.2 > does not. > > > > 2. is it possible to add a configuration directive not to use chap > > > passwords ? > > > but to fill out the User-Password attribute with the plain > password > > > BTW: is the communication between the endpoint and gatekeeper > > > secured in any way ? > > > > You can use RadAliasAuth module and FixedPassword config variable. > > BTW: It depends on what do you mean by secured communication? > > If you mean "encrypted" then the answer is no, if you mean > > "the password is encrypted" the answer is yes. > > yes. but in this way I lose the user password, I really do not want > to keep > clear text passwords in my database, I just want to encrypt them, and > for > this "User-Password" attribute is needed. ------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ _______________________________________________ List: Openh323gk-users@lists.sourceforge.net Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
