detail logs User-Password

Ryan Melendez rmelendez at wayport.net
Tue Apr 4 19:12:06 CEST 2006


 
>   Personally, I don't see a lot of value in it.  But if the patch is
> simple & the config is easy, I have no objections to it going in.

If someone would rather send plain text over the wire rather than
storing plain text passwords, logging the password gives up the main
advantage for many in using PAP over CHAP.

>   Question: are there *other* attributes which should be suppressed?
> If so, the configuration should take a list of attributes to censor,
> rather than just "logpass=yes/no"

I don't know of any others, but suggestions are welcome.  I'm going to
go the single-line-option route unless someone chimes in.

Thanks,
Ryan




More information about the Freeradius-Devel mailing list