Password in auth-detail file

Phil Mayers p.mayers at imperial.ac.uk
Thu May 4 16:53:31 CEST 2006


Axel Seguin wrote:
> Hi everyone,
> 
> I am using Freeradius with LDAP. I use EAP-TTLS for authentication with 
> PAP (the passwords in LDAP being crypted).
> In the ldap.conf file I have :
> 
> log_auth_badpass = no
> log_auth_goopass = no
> 
> But I still see the user password in clear text in the auth-detail file.
> 
> I am sorry if this is a silly question but I have been trying to find a 
> solution for quite a while now and still haven't found anything.
> Is it possible to make sure the passwords are not stored in the 
> auth-detail files?

Not without source code patches. See other recent posts on the list on 
this subject.

> Or does it have to be like this?

No. You can disable auth-detail logging. It's not enabled by default. 
You chose to enable it.



More information about the Freeradius-Users mailing list