The Local Password authentication type allows to keep plaintext user passwords. Although the use of this authentication type is strongly discouraged for security reasons, this is the only authentication type that can be used with CHAP authentication.
There are two ways of using this authentication type
To keep the plaintext passwords in `users' file, the profile entry must follow this pattern:
user-name Auth-Type = Local, Password = plaintext
The plaintext is the user's plaintext password. Obviously,
user-name may not be DEFAULT
nor BEGIN
.
user-name Auth-Type = Local, Password-Location = SQL
When the user is authenticated using such profile, its password
is retrieved from the authentication database using auth_query
.
The configuration of SQL authentication is described in
detail in section Authentication Server Parameters.
Go to the first, previous, next, last section, table of contents.