mod_auth_radius secure over https?

Question

mod_auth_radius README file says:

Using static passwords & RADIUS authentication over the web is a BAD
IDEA.  Everyone can sniff the passwords, as they're sent over the net
in the clear.

If I serve the page over https, will it be secure then? Or is that not what is meant by the statement?

score 2 · Accepted Answer · answered May 01 '15 at 13:38

2

Yes, over https basic auth is secure. Additionally between the RADIUS server and the HTTP server the passwords are reversibly encrypted using the RADIUS shared secret.

answered May 01 '15 at 13:38

Arran Cudbard-Bell

1,514
1
9
18

mod_auth_radius secure over https?

1 Answers1