I need to implement Radius authentication using Active Directory. My question is do I need to specify the encryption method? or the the key spcified under radius-server key command enough to encrypt?
I am concerned about the information been sent in clear text between the switch and the radius server. the switch is conbfigured for SSH. how do I secure this?
I did some lab teSts and it is working except that I am worried about clear text passwords.
Your help in this regard will be highly appreciated.
Transactions between the client and RADIUS server are authenticated through the use of a shared secret, which is never sent over the network. In addition, any user passwords are sent encrypted between the client and RADIUS server. This eliminates the possibility that someone snooping on an unsecured network could determine a user's password.
Hope that helps.