FreeRADIUS Authentication: Storing Passwords

by Dirk van der Walt | September 2011 | Beginner's Guides Networking & Telephony Open Source

In the previous article we covered the authentication methods used while working with FreeRADIUS. This article by Dirk van der Walt, author of FreeRADIUS Beginner's Guide, explains the methods for storing passwords and how they work. Passwords do not need to be stored in clear text; it is better to store them in a hashed format. There are, however, limitations on which authentication protocols can be used when the passwords are stored as a hash, which we will explore in this article.

Storing passwords

Username and password combinations have to be stored somewhere. The following list mentions some of the popular places:

  • Text files: You should be familiar with this method by now.
  • SQL databases: FreeRADIUS includes modules to interact with SQL databases. MySQL is very popular and widely used with FreeRADIUS.
  • Directories: Microsoft's Active Directory or Novell's e-Directory are typical enterprise-size directories. OpenLDAP is a popular open source alternative.

The users file and the SQL database that can be used by FreeRADIUS store the username and password as AVPs. When the value of the password AVP is in clear text, anyone who gets hold of the file or database also gets hold of every password. Let's see how this risk can be minimized.

Hash formats

To reduce this risk, we can store the passwords in a hashed format. A hash of a password is like a digital fingerprint of the password's text value. There are many different functions that can calculate this hash, for example MD5 or SHA1. The result should be a fixed-length value that represents the password and is produced by a one-way function: it should be impossible to retrieve the original password from the hash. Note that MD5 and SHA1 are fast, general-purpose hash functions and are no longer considered strong; where the authentication protocol allows it, a slower, purpose-built password hashing scheme is preferable.

To make the hash more resistant to pre-computed dictionary and rainbow table attacks we can add a salt to the function that generates it. A salt is a randomly generated string of bits that is combined with the password as the input to the one-way hash function. With FreeRADIUS we store the salt along with the hash. It is therefore essential to use a fresh random salt for each hash; a rainbow table would then have to be computed per salt, which makes the attack impractical. The pap module, which is used for PAP authentication, can use passwords stored in the following hash formats to authenticate users:

  • Crypt-Password
  • MD5-Password
  • SMD5-Password
  • SHA-Password
  • SSHA-Password
  • NT-Password
  • LM-Password

Both the MD5 and SHA1 hash functions can be used with a salt (the SMD5 and SSHA formats) to make the stored value more secure.
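The following Python script is an added example, not code from the article or from the FreeRADIUS project. It shows what the pap module's salted and unsalted formats look like once decoded: it builds MD5-Password, SMD5-Password, SHA-Password and SSHA-Password values, recovers the salt from a stored SSHA value the way a verifier must (the digest length tells it where the salt begins), and checks a candidate password against the stored value. Python's hashlib is used in place of the article's Perl modules; the attribute names are the article's AVP names, while the function names and the 8-byte random salt are this example's own choices. Crypt-Password and the NT and LM formats are not covered here.

```python
import base64
import hashlib
import hmac
import os

# Storage formats used by the pap module: base64(digest) for the unsalted forms
# and base64(digest || salt) for the salted forms, where the digest is computed
# over password || salt. The digest length is what lets a verifier split the
# salt back off the decoded value.
FORMATS = {
    "MD5-Password": ("md5", False),
    "SMD5-Password": ("md5", True),
    "SHA-Password": ("sha1", False),
    "SSHA-Password": ("sha1", True),
}


def make_hash(attribute, password, salt=None):
    """Return the base64 value to store in the users file for `attribute`.

    For the salted formats a fresh random salt is drawn when none is given;
    passing an explicit salt only makes sense for reproducing known values.
    """
    algo, salted = FORMATS[attribute]
    if not salted:
        salt = b""
    elif salt is None:
        salt = os.urandom(8)  # new random salt per stored password (example's choice of length)
    digest = hashlib.new(algo, password.encode("utf-8") + salt).digest()
    return base64.b64encode(digest + salt).decode("ascii")


def split_stored(attribute, stored):
    """Decode a stored value into (digest, salt); salt is b"" for unsalted forms."""
    algo, salted = FORMATS[attribute]
    raw = base64.b64decode(stored, validate=True)
    dlen = hashlib.new(algo).digest_size  # 16 for MD5, 20 for SHA1
    if salted and len(raw) <= dlen:
        raise ValueError("salted value carries no salt")
    if not salted and len(raw) != dlen:
        raise ValueError("unsalted value has the wrong digest length")
    return raw[:dlen], raw[dlen:]


def check_password(attribute, stored, candidate):
    """Recompute the digest with the stored salt and compare in constant time."""
    algo, _ = FORMATS[attribute]
    digest, salt = split_stored(attribute, stored)
    expected = hashlib.new(algo, candidate.encode("utf-8") + salt).digest()
    return hmac.compare_digest(expected, digest)


def users_entry(username, attribute, stored):
    """Render a check item in the syntax of the FreeRADIUS users file."""
    return '"%s" %s := "%s"' % (username, attribute, stored)


if __name__ == "__main__":
    # Value quoted from the article, produced there with the salt "salt".
    article_ssha = "bXUygZ+GToKwJysZyzghIEwf9tJzYWx0"
    digest, salt = split_stored("SSHA-Password", article_ssha)
    print("salt recovered from the stored SSHA value:", salt)
    print("passme verifies against it:", check_password("SSHA-Password", article_ssha, "passme"))
    # A fresh entry with a random salt: same password, different stored value each run.
    print(users_entry("alice", "SSHA-Password", make_hash("SSHA-Password", "passme")))
```

The salt length is not fixed by the format; whatever follows the digest is the salt, which is why a verifier must know the digest length of the algorithm before it can split the value.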

Time for action – hashing our password

We will replace the Cleartext-Password AVP in the users file with a more secure hashed password AVP in this section.

There is general confusion about how the hashed password should be created and presented. This section clarifies the issue in order to produce working hashes for each format.

A valuable URL to assist us with the hashes is the OpenLDAP FAQ:

http://www.openldap.org/faq/data/cache/419.html

There are a few sections that show how to create different types of password hashes. We can adapt this for our own use in FreeRADIUS.

Crypt-Password

Crypt password hashes have their origins in Unix computing. Stronger hashing methods are preferred over crypt, although crypt is still widely used.

  1. The following Perl one-liner will produce a crypt password for passme with the salt value of 'salt':

    #> perl -e 'print(crypt("passme","salt")."\n");'

  2. Use this output and change Alice's check entry in the users file from:

    "alice" Cleartext-Password := "passme"

    to:

    "alice" Crypt-Password := "sa85/iGj2UWlA"

  3. Restart the FreeRADIUS server in debug mode.
  4. Run the authentication request against it again.
  5. Ensure that pap now uses the crypt password by looking for the following line in the FreeRADIUS debug feedback:

    [pap] Using CRYPT password "sa85/iGj2UWlA"

MD5-Password

The MD5 hash is often used to check the integrity of a file. When downloading a Linux ISO image you are also typically supplied with the MD5 sum of the file. You can then confirm the integrity of the file by using the md5sum command.

We can also generate an MD5 hash from a password. We will use Perl to generate and encode the MD5 hash in the format required by the pap module. The script uses the Digest::MD5 and MIME::Base64 Perl modules, which you may have to install before it can be run. The following steps show how:

  1. Create a Perl script with the following contents; we'll name it 4088_04_md5.pl:

    #! /usr/bin/perl -w
    # Print the base64 encoded MD5 digest of the password given as argument,
    # which is the form the pap module expects in MD5-Password.
    use strict;
    use Digest::MD5;
    use MIME::Base64;

    unless (defined $ARGV[0]) {
        print "Please supply a password to create an MD5 hash from.\n";
        exit 1;
    }
    my $ctx = Digest::MD5->new;
    $ctx->add($ARGV[0]);
    # The empty second argument stops encode_base64 from appending a newline.
    print encode_base64($ctx->digest, '') . "\n";

  2. Make the 4088_04_md5.pl file executable:

    chmod 755 4088_04_md5.pl

  3. Get the MD5 password for passme:

    ./4088_04_md5.pl passme

  4. Use this output and update Alice's entry in the users file to:

    "alice" MD5-Password := "ugGBYPwm4MwukpuOBx8FLQ=="

  5. Restart the FreeRADIUS server in debug mode.
  6. Run the authentication request against it again.
  7. Ensure that pap now uses the MD5 password by looking for the following line in the FreeRADIUS debug feedback:

    [pap] Using MD5 encryption.

SMD5-Password

This is an MD5 password with a salt. The script uses the Digest::MD5 and MIME::Base64 Perl modules, which you may have to install before it can be run.

  1. Create a Perl script with the following contents; we'll name it 4088_04_smd5.pl:

    #! /usr/bin/perl -w
    # Print base64(md5(password . salt) . salt), the salted form the pap
    # module expects in SMD5-Password. The salt is stored after the digest.
    use strict;
    use Digest::MD5;
    use MIME::Base64;

    unless (defined $ARGV[0] && defined $ARGV[1]) {
        print "Please supply a password and salt to create a salted MD5 hash from.\n";
        exit 1;
    }
    my $ctx = Digest::MD5->new;
    $ctx->add($ARGV[0]);        # the password first ...
    my $salt = $ARGV[1];
    $ctx->add($salt);           # ... followed by the salt
    print encode_base64($ctx->digest . $salt, '') . "\n";

  2. Make the 4088_04_smd5.pl file executable:

    chmod 755 4088_04_smd5.pl

  3. Get the SMD5 value for passme using a salt value of 'salt':

    ./4088_04_smd5.pl passme salt

    Remember that you should use a random value for the salt; the value 'salt' is only used here for the demonstration.

  4. Use this output and update Alice's entry in the users file to:

    "alice" SMD5-Password := "Vr6uPTrGykq4yKig67v5kHNhbHQ="

  5. Restart the FreeRADIUS server in debug mode.
  6. Run the authentication request against it again.
  7. Ensure that pap now uses the SMD5 password by looking for the following line in the FreeRADIUS debug feedback:

    [pap] Using SMD5 encryption.

SHA-Password

SHA stands for Secure Hash Algorithm. SHA1 is most commonly used from the SHA series of cryptographic hash functions. It was designed by the National Security Agency (NSA) and published as their government standard. SHA-1 produces a 160-bit hash value. There was SHA-0 that had been withdrawn by the NSA shortly after publication and was superseded by SHA-1. There is also the SHA-2 series that features significant changes from SHA-1. SHA-2 includes the SHA-224, SHA-256, SHA-384, SHA-512 cryptographic functions. A new hash standard called SHA-3 is currently under development.

The script uses the Digest::SHA1 and MIME::Base64 Perl modules, which you may have to install before it can be run.

  1. Create a Perl script with the following contents; we'll name it 4088_04_sha1.pl:

    #! /usr/bin/perl -w
    # Print the base64 encoded SHA1 digest of the password given as argument,
    # the form the pap module expects in SHA-Password. Digest::SHA1 comes from
    # CPAN; the core Digest::SHA module offers the same interface through
    # Digest::SHA->new(1).
    use strict;
    use Digest::SHA1;
    use MIME::Base64;

    unless (defined $ARGV[0]) {
        print "Please supply a password to create a SHA1 hash from.\n";
        exit 1;
    }
    my $ctx = Digest::SHA1->new;
    $ctx->add($ARGV[0]);
    print encode_base64($ctx->digest, '') . "\n";

  2. Make the 4088_04_sha1.pl file executable:

    chmod 755 4088_04_sha1.pl

  3. Get the SHA value for passme:

    ./4088_04_sha1.pl passme

  4. Use this output and update Alice's entry in the users file to:

    "alice" SHA-Password := "/waczsxHgPn1JIkpJENLNV5Jp5k="

  5. Restart the FreeRADIUS server in debug mode.
  6. Run the authentication request against it again.
  7. Ensure that pap now uses the SHA password by looking for the following line in the FreeRADIUS debug feedback:

    [pap] Using SHA encryption.

SSHA-Password

This is a SHA password with a salt. The script uses the Digest::SHA1 and MIME::Base64 Perl modules, which you may have to install before it can be run.

  1. Create a Perl script with the following contents; we'll name it 4088_04_ssha1.pl:

    #! /usr/bin/perl -w
    # Print base64(sha1(password . salt) . salt), the salted form the pap
    # module expects in SSHA-Password. The salt is stored after the digest.
    use strict;
    use Digest::SHA1;
    use MIME::Base64;

    unless (defined $ARGV[0] && defined $ARGV[1]) {
        print "Please supply a password and salt to create a salted SHA1 hash from.\n";
        exit 1;
    }
    my $ctx = Digest::SHA1->new;
    $ctx->add($ARGV[0]);        # the password first ...
    my $salt = $ARGV[1];
    $ctx->add($salt);           # ... followed by the salt
    print encode_base64($ctx->digest . $salt, '') . "\n";

  2. Make the 4088_04_ssha1.pl file executable:

    chmod 755 4088_04_ssha1.pl

  3. Get the SSHA value for passme using a salt value of 'salt':

    ./4088_04_ssha1.pl passme salt

    Remember that you should use a random value for the salt; the value 'salt' is only used here for the demonstration.

  4. Use this output and update Alice's entry in the users file to:

    "alice" SSHA-Password := "bXUygZ+GToKwJysZyzghIEwf9tJzYWx0"

  5. Restart the FreeRADIUS server in debug mode.
  6. Run the authentication request against it again.
  7. Ensure that pap now uses the SSHA password by looking for the following line in the FreeRADIUS debug feedback:

    [pap] Using SSHA encryption.

NT-Password or LM-Password

The LM-Password AVP is used to store the LM hash of a user's password. The NT-Password AVP is used to store the NTLM hash of a user's password. The LM hash is the password hash that was used by Microsoft LAN Manager prior to Windows NT. The NTLM hash was introduced with Windows NT.

Due to their known flaws it is now recommended not to use them anymore. The flaws include vulnerability to pre-computed attacks, because neither hash uses a salt. The LM hash also splits the password into two seven-character halves that are hashed independently, which leaves far fewer possibilities per half and makes it much easier to guess.

Despite the flaws the LM hash and NTLM hash are still widely used because of the many legacy third-party CIFS implementations. Although not enabled, Windows Server 2008 still includes support for the LM hash.

To create an NT-Password or LM-Password hash we use the smbencrypt program, which is installed with FreeRADIUS. Because the NT-Password hash is more secure than the LM-Password hash we will use it here.

  1. Get the NT-Password for passme by using the following command:

    smbencrypt passme

  2. Use this output and update Alice's entry in the users file to:

    "alice" NT-Password := "CED46D3B902D60F779ED78BFD90ED00A"

  3. Restart the FreeRADIUS server in debug mode.
  4. Run the authentication request against it again.
  5. Ensure that pap now uses the NT password by looking for the following line in the FreeRADIUS debug feedback:

    [pap] NT-Hash of passme = ced46d3b902d60f779ed78bfd90ed00a

What just happened?

We have created and tested different hash formats for storing a user's password inside the users file.

Hash formats and authentication protocols

Hashing a password imposes limitations on the available authentication protocols that can use this password. As you have seen, PAP can be used with all of them. CHAP requires that the password be stored in clear text. MS-CHAP can only use clear text or NT-Password.

There is a nice authentication protocol and password encryption lookup grid at the following URL:
http://deployingradius.com/documents/protocols/compatibility.html

Other authentication methods

There are two other authentication methods that are worth mentioning here. They are one-time passwords and certificates.

One-time passwords

FreeRADIUS includes a module called rlm_otp that can be used to handle OTP (one-time password) tokens. This module should be used in conjunction with additional programs. Unfortunately the company that contributed the code for the additional programs, Tri-D Systems, does not exist anymore. However, the code was forked and is now available from Google Code (http://code.google.com/p/otpd/).

If you want to implement your own one-time password functionality you can use a module like rlm_perl or rlm_python to handle the logic behind a one-time password. The NAS may still send User-Name and User-Password attributes to FreeRADIUS, but the way the User-Password is managed will be unique in order to handle a one-time password.
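One way to structure the logic this paragraph describes, as an added example rather than code from the article or from rlm_python: a small store of issued one-time passwords and an authenticate function in the shape of an rlm_python hook (a tuple of (attribute, value) pairs in, a status code out). The store class, the three status names with their string values, and the extra store parameter on authenticate are this example's own assumptions; a real module would return the RLM_MODULE_* constants exported by the radiusd module and keep the store at module level or in a database. Each code is accepted once, only before its deadline, and is discarded after a few wrong guesses so that a short numeric code cannot be searched online.

```python
import hmac
import secrets
import time

# Status names modelled on FreeRADIUS's RLM_MODULE_* return codes. These string
# values are placeholders for this stand-alone example (assumption); a real
# rlm_python module returns the constants exported by the radiusd module.
RLM_MODULE_OK = "ok"
RLM_MODULE_REJECT = "reject"
RLM_MODULE_NOTFOUND = "notfound"


class OneTimePasswordStore:
    """In-memory table of issued one-time passwords, one live code per user.

    A code is accepted once, only before its deadline, and is discarded after
    max_attempts wrong guesses.
    """

    def __init__(self, lifetime=60, max_attempts=3, clock=time.time):
        self.lifetime = lifetime
        self.max_attempts = max_attempts
        self.clock = clock          # injectable so expiry can be tested deterministically
        self._codes = {}            # username -> (code, expires_at, attempts_left)

    def issue(self, username):
        """Create a fresh 8-digit code from the CSPRNG and record its deadline."""
        code = "%08d" % secrets.randbelow(10 ** 8)
        self._codes[username] = (code, self.clock() + self.lifetime, self.max_attempts)
        return code   # delivery to the user (SMS, app, token) is out of scope here

    def consume(self, username, candidate):
        """True for the first correct, unexpired presentation; False otherwise."""
        entry = self._codes.get(username)
        if entry is None:
            return False
        code, expires_at, attempts_left = entry
        if self.clock() > expires_at:
            del self._codes[username]          # expired: nothing left to compare against
            return False
        if hmac.compare_digest(code.encode("utf-8"), candidate.encode("utf-8")):
            del self._codes[username]          # single use: burn the code on success
            return True
        attempts_left -= 1
        if attempts_left <= 0:
            del self._codes[username]          # too many wrong guesses: burn the code
        else:
            self._codes[username] = (code, expires_at, attempts_left)
        return False


def authenticate(p, store):
    """Authenticate hook in the shape rlm_python uses: `p` is a tuple of
    (attribute, value) pairs from the request. The store parameter is this
    example's addition for testability."""
    attrs = dict(p)
    username = attrs.get("User-Name")
    password = attrs.get("User-Password")
    if username is None or password is None:
        return RLM_MODULE_NOTFOUND   # nothing to check here; let another module decide
    if store.consume(username, password):
        return RLM_MODULE_OK
    return RLM_MODULE_REJECT


if __name__ == "__main__":
    store = OneTimePasswordStore()
    code = store.issue("alice")
    request = (("User-Name", "alice"), ("User-Password", code))
    print("first use:", authenticate(request, store))   # ok
    print("replay:", authenticate(request, store))      # reject
```

Returning the not-found status when the request carries no User-Password is what lets this hook coexist with the other authentication modules in the section; rejecting there would block users who are meant to authenticate another way.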

Certificates

Certificates do not involve presenting a username and password combination. EAP can use certificate-based authentication as one of its sub-methods. Certificates will be discussed in more detail in the next article on EAP.

Summary

In this article we covered the hash formats for safely storing passwords and the authentication protocols each format supports.


About the Author:

Dirk van der Walt

Dirk van der Walt is an Open Source Software Specialist from Pretoria, South Africa. He is a firm believer in the potential of Open Source software. Being a Linux user for almost 10 years it was love at first boot. From then on Dirk has spent his available time sharing his knowledge with others equally passionate about the freedom and affordability Open Source software gives to the community.

In 2003 Dirk started coding with Perl as his language of choice and gave his full attention to functional and aesthetic user interface design. He also compiled an on-line Gtk2-Perl study guide to promote the advancement of Perl on the desktop.

As Rich Internet Applications (RIA) became more popular, Dirk added the Dojo toolkit and CakePHP to his skills-set to create an AJAX-style front-end to a FreeRADIUS MySQL database. His latest work is YFi Hotspot Manager. Today YFi Hotspot Manager is used in many localities around the globe. With many contributors to the project it proves just how well the Open Source software model can work.
