5 Nov
2024
5 Nov
'24
1:57 p.m.
On Nov 5, 2024, at 5:15 PM, FreeRAD <yetifreerad@gmail.com> wrote:
I've hashed the passwords in my DB and made it so that the RADIUS server, a) uses the hashed passwords b) doesn't store the cleartext passwords in the 'radpostauth' table. Think I know the answer to this already but is it possible to hash/hide the passwords being seen in the debug logs (e.g. freeradius -X)?
Not really, no.
Pretty sure this is a no since the server needs to see the password at some point but thought I would ask.
We've made this more configurable in v4, but at some point seeing the passwords helps a *lot* for debugging. Alan DeKok.