17.1. EAP MD5-Challenge Previous topic Parent topic Child topic Next topic

In EAP MD5-Challenge, the RADIUS server sends a random challenge to the client. The client forms an MD5 hash of the user's password and the challenge and sends the result back to the server. The server then validates the MD5 hash using the known correct plaintext password from the user database. EAP MD5-Challenge does not support dynamic WEP keys.
EAP MD5-Challenge can work with most Radiator AuthBy clauses that support the retrieval of a plaintext password, such as FILE, DBFILE, SQL, LDAP etc.