User's password on radius log
Title: Message Is it possible to turn off showing password of each user on freeradius log file? I think it is security issue. Everyone who can access this file can also see password of all users who authenticate by freeradius. rttp �
Re: User's password on radius log
"Rattapon Pacharawongsakda" <[EMAIL PROTECTED]> wrote: > Is it possible to turn off showing password of each user on > freeradius log file? Yes. Search "radiusd.conf" for "password" and "log". > I think it is security issue. Maybe, but that's why it's turned off by default. > Everyone who can access this file can also see password of all users > who authenticate by freeradius. Which is why the install process sets the permissions so that only root can read those files. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User's password on radius log
On Sun, Jun 06, 2004 at 10:20:13AM -0400, Alan DeKok wrote: > "Rattapon Pacharawongsakda" <[EMAIL PROTECTED]> wrote: > > Is it possible to turn off showing password of each user on > > freeradius log file? > > Yes. Search "radiusd.conf" for "password" and "log". Unfortunately, some modules (e.g. rlm_(ms)chap, rlm_ldap) do log passwords in _debug mode_, in despite of log_auth_(good|bad)pass settings. The only way for now to fix it (if you need) is to edit the sources. -- Fduch M. Pravking - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: User's password on radius log
"Alexander M. Pravking" <[EMAIL PROTECTED]> wrote: > Unfortunately, some modules (e.g. rlm_(ms)chap, rlm_ldap) do log > passwords in _debug mode_, in despite of log_auth_(good|bad)pass > settings. In debug mode, nothing gets written to "radius.log", so there's no problem. It would help to describe *completely* what you're talking about, in your first email. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
