On 09/30/2013 02:45 PM, Matthew Ceroni wrote:
Is there any way to prevent FreeRadius from showing the password in logs (debug logs) when authentication is done via LDAP?
Current I see :
rad_recv: Access-Request packet from host 192.168.100.2 port 31011, id=13, length=129 User-Name = "username" User-Password = "XXXXXX" NAS-IP-Address = 192.168.100.2 NAS-Port = 268 NAS-Port-Type = Virtual Cisco-AVPair = "ip:source-ip=192.168.21.145" Calling-Station-Id = "ip:source-ip=192.168.21.145"
Plus it will show it in other spots as well (accounting section, etc).
Please try to search the list archives before asking questions. This has been answered multiple times. Short answer is no, the debug output is meant for debugging ONLY and during debugging it's vital to be able to see the actual data in use. -- John