RE: Restrict Password from detail file , accounting
Do you know what version was the first to introduce this feature? Is there any other solution for the older versions? Thanks, Scott -----Original Message----- From: freeradius-users-bounces+scott.1.ellis=lmco.com@lists.freeradius.org [mailto:freeradius-users-bounces+scott.1.ellis=lmco.com@lists.freeradius .org] On Behalf Of A.L.M.Buxey@lboro.ac.uk Sent: Wednesday, January 10, 2007 3:10 PM To: FreeRadius users mailing list Subject: Re: Restrict Password from detail file , accounting Hi,
Is there a way to eliminate the password from being written to the accounting log files? Either not in clear text or altogether?
which accounting logs? with the recent versions of FreeRADIUS you can add the following to the last part of each detail logging stanza suppress { User-Password } usage of obfuscation is also recommended for, eg MySQL logging. simply replace the User-Password INSERT with the value of 'password' alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
Do you know what version was the first to introduce this feature?
1.1.2 Feature improvements * Allow tagged VSA's for Juniper. Closes bugs #367 and #368. * Allow Ascend "abinary" format to be specified as octets, (e.g. Ascend-Data-Filter = 0x010203...) * Added "cipher_list" configuration to the EAP-TLS module. See "eap.conf" and "man 1 cipher" for details. * Added "check_cert_issuer" configuration to the EAP-TLS module. See "eap.conf" for details. (closes: #346) * Added "suppress" configuration entry to rlm_detail, to suppress certain attributes (e.g. User-Password). This closes bug #359. * More dictionary updates * Write SSL errors to log file, rather than stderr. This closes bug #347. * Allow a core dump on uid change on Linux (closes: #361)
Is there any other solution for the older versions?
not that i can think of straight off-hand,. alan
participants (2)
-
A.L.M.Buxey@lboro.ac.uk -
Ellis, Scott 1 (N-Comptel Inc.)