--- embedaddon/mpd/doc/mpd66.html 2016/11/01 09:56:12 1.1.1.3 +++ embedaddon/mpd/doc/mpd66.html 2021/03/17 00:39:23 1.1.1.4 @@ -6,7 +6,7 @@ -Mpd 5.8 User Manual +Mpd 5.9 User Manual : Internals : Authentication
Previous: ToDo
@@ -31,22 +31,22 @@ server. The password hash is computed like this: md5(i + challenge), where the id is incremented after each authentication attempt. The challenge is generated by the server and then sent to the client (peer). The peer sends the hash to the server and the server -genrates himself the hash using the plaintext password. If both +generates itself the hash using the plaintext password. If both hash are the same, the authentication succeeds.

-

MS-CHAP doesen't need plaintext passwords on the server, but does +

MS-CHAP does not need plaintext passwords on the server, but does need the hashed password either as NT-Hash or as LAN-Manager-Hash -(the LAN-Manager-Hash is weak and shouldn't be used). -MS-CHAPv1 uses DES as hashing algorithm and is weak, therefore don't +(the LAN-Manager-Hash is weak and should not be used). +MS-CHAPv1 uses DES as hashing algorithm and is weak, therefore do not use it! MS-CHAPv2 uses a peer challenge and a server -challenge and uses SHA1 as hashing algorithm, so it's much more -secure then MS-CHAPv1. MS-CHAPv2 requires the NT-Hash be available.

+challenge and uses SHA1 as hashing algorithm, so it is much more +secure than MS-CHAPv1. MS-CHAPv2 requires the NT-Hash be available.

Usually UNIX systems have a different non-revertable hashing algorithm for passwords, therefore it is not possible to use the traditional UNIX password database if you want to use any CHAP algorithm, with the exception that FreeBSD versions 5.1 and later support the NT-Hash format in the password database (configurable via login.conf: passwd_format=nth). -However MPD doesen't currently support authentication against +However MPD does not currently support authentication against the UNIX password database.

EAP is an Extensible Authentication Protocol. Mpd supports natively only the EAP-Type MD5; other EAP-Types may be used @@ -58,16 +58,16 @@ from authentication.

Authentication protocol negotiation

Starting with MPD 3.14, MPD behaves more intelligently when negotiating authentication protocols. MPD searches an internal list of protocols, -from most to least secure, until a mutually agreeable protocol is found. -If the link is a PPTP link, then MS-CHAP is most preferrable, otherwise -MD5-CHAP is most preferrable.

+from most to least secure until a mutually agreeable protocol is found. +If the link is a PPTP link, then MS-CHAP is most preferable, otherwise +MD5-CHAP is most preferable.


-Mpd 5.8 User Manual +Mpd 5.9 User Manual : Internals : Authentication
Previous: ToDo
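Review bot: In the @@ -31,22 +31,22 @@ hunk, the replacement line "generates itself the hash using the plaintext password" is still ungrammatical; "generates the hash itself" reads correctly, and the unchanged line after it ("If both hash are the same") needs "hashes". Three more points in the same paragraphs, since they are being touched anyway. The context formula reads "md5(i + challenge)" while the prose speaks of "the id" and of the server using the plaintext password, so the formula and the sentence should name the same inputs. The added line keeps "MS-CHAPv1 uses DES as hashing algorithm", but DES is a block cipher, not a hash function, so "uses DES" alone would be accurate. "non-revertable" in the UNIX password paragraph should be "non-reversible".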
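Review bot: In the @@ -58,16 +58,16 @@ hunk, the line "If the link is a PPTP link, then MS-CHAP is most preferable" does not say which MS-CHAP version is preferred, while the earlier paragraph of this same file tells readers not to use MS-CHAPv1. Name the version order here so the negotiation description cannot be read as preferring the weak variant. Separately, dropping the comma in "from most to least secure until a mutually agreeable protocol is found" makes the sentence harder to parse; the original comma after "secure" should stay.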