3.28.24. RcryptKey Previous topic Parent topic Child topic Next topic

This optional parameter indicates that the passwords in the user database may have been reversibly encrypted using Rcrypt. Any password in the database read by this AuthBy and which is in the form {rcrypt}anythingatall will be interpreted as an Rcrypt password and the function Radius::Rcrypt::decrypt() will be used to decrypt it before any password comparisons are made. Rcrypt encrypted passwords are compatible with PAP, CHAP, and MS-CHAP.
Rcrypt reversible encryption allows you keep your user password database reasonably secure, but still support CHAP, MS-CHAP and other authentication methods that require access to the plaintext password. Rcrypt encryption is supported as an option by the RAdmin RADIUS user administration package from Open System Consultants.
The value of RcryptKey must exactly match the key that was used to originally encrypt the passwords.
You can add Rcrypt encryption and decryption to other programs with the Radius::Rcrypt Perl module supplied with Radiator.