Hello, I know that the log section of radiusd.conf allows to log passwords, by setting auth_badpass and auth_goodpass to "yes" or"no". But what I need is to log passwords only using the linelog module. More precisely, I'd like to keep auth_badpass = no auth_goodpass =yes destination = syslog in the log section of radiusd.conf and occasionally activate password logging on a local file via linelog for debugging purposes (and not have password be sent to syslog). Is this possible? If not with linelog, is there another way to keep on logging via syslog, while logging only password to a file? Thanks in advance, Stefano
On Tue, Mar 08, 2016 at 01:33:50PM +0100, Stefano Zanmarchi wrote:
logging on a local file via linelog for debugging purposes (and not have password be sent to syslog).
If the password comes in the clear in User-Password then you can put it in the linelog config just like any other attribute. But many auth methods (especially the EAP-based ones) don't send a cleartext password. Not that I would ever recommend storing passwords for any reason, but that's up to you. Matthew -- Matthew Newton, Ph.D. <mcn4@le.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>
participants (3)
-
A.L.M.Buxey@lboro.ac.uk -
Matthew Newton -
Stefano Zanmarchi