Don't log user pass to database
Hi, Guys, please tell - how prevent freeradius to log pass to radpostauth mysql (MariaDB) table? I have modified /etc/freeradius/modules section to: Post-Auth = "INSERT INTO ${postauth_table} \ (username, reply, authdate) VALUES \ ('%{User-Name}', \ %{reply:Packet-Type}', '%S');" But, seems this not helps, as i see user passwords in database. Best Regards, Dmitry --- Dmitry KORZHEVIN System Administrator STIDIA S.A. - Luxembourg e: dmitry.korzhevin@stidia.com m: +38 093 874 5453 w: http://www.stidia.com
On 04/02/2013 11:09 AM, Dmitry Korzhevin wrote:
Hi,
Guys, please tell - how prevent freeradius to log pass to radpostauth mysql (MariaDB) table?
I have modified /etc/freeradius/modules section to:
Post-Auth = "INSERT INTO ${postauth_table} \ (username, reply, authdate) VALUES \ ('%{User-Name}', \ %{reply:Packet-Type}', '%S');"
But, seems this not helps, as i see user passwords in database.
Have you restarted the server? Are you sure you're editing the file that FreeRADIUS is reading? Run "radiusd -X" and look at the debug output to see what files it is really reading.
Hi,
Guys, please tell - how prevent freeradius to log pass to radpostauth mysql (MariaDB) table?
I have modified /etc/freeradius/modules section to:
Post-Auth = "INSERT INTO ${postauth_table} \ (username, reply, authdate) VALUES \ ('%{User-Name}', \ %{reply:Packet-Type}', '%S');"
But, seems this not helps, as i see user passwords in database.
as already said, ensure that you are editing the correct file (check what is happening/read with 'radiusd -X' for debug mode (or freeradiusd -X on debian/ubuntu) and ensure you have actually restarted the server (it doesnt just use a new SQL config when you edit the file). I changed the query to specifically state 'password' as the User-Password Post-Auth = "INSERT INTO ${postauth_table} \ (username, password, reply, authdate) VALUES \ ('%{User-Name}', 'password' \ %{reply:Packet-Type}', '%S');" alan
participants (3)
-
A.L.M.Buxey@lboro.ac.uk -
Dmitry Korzhevin -
Phil Mayers