radiusd logs good passwords even when told not to?

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Jan 6 18:51:22 CET 2009


> Background info:

yes, ancient version

> Our /etc/raddb/radiusd.conf clearly states to not log passwords:
> #  allowed values: {no, yes}
> #
> log_auth_badpass = no
> log_auth_goodpass = no

correct - in the main log

> However it's logging good password auth's still..

no, this is the detail file - and you've enabled the
detail logging module - which has an option for stopping
the password from being logged...however, I think that
was only from version 1.1.x  - see the current version 
docs and/or the current config files from the recent
release (download the tar.gz file, extract and then view
the config.

do you need or use the detail files in any of your
processes? if not, then disable the detail module
(comment out calls to it)


More information about the Freeradius-Users mailing list