Log IP address (Calling-Station-Id?) of failed authentication attempts
Alan DeKok
aland at deployingradius.com
Sun May 9 10:19:13 CEST 2010
Matt Hite wrote:
> It looks like I can possibly enable auth_badpass and auth_goodpass in
> radiusd.conf and then set:
>
> msg_goodpass = "%{Calling-Station-Id}"
> msg_badpass = "%{Calling-Station-Id}"
Yes.
> Is this going about it the right way?
Yes.
> Also, I really don't want the failed passwords to get logged. (I don't
> want to see my colleagues plain-text passwords.) If I do use the
> aforementioned technique, am I also going to see passwords? I'm
> guessing yes.
No. See "auth_badpass" and "auth_goodpass" configuration items. If
they're set to "no", passwords are not logged.
Alan DeKok.
More information about the Freeradius-Users
mailing list