Hello, I have running freeradius authenticating against an openldap directory. In my configuration I have this: log_auth = yes log_auth_badpass = yes log_auth_goodpass = no But I can see passwords of everybody in my auth-details files (correct and incorrect password). Is there any way to log just wrong password? Or not to log any password at all? -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 968367590 Fax: 968398337
Angel L. Mateo wrote:
Hello,
I have running freeradius authenticating against an openldap directory. In my configuration I have this:
log_auth = yes ...
That doesn't affect the detail file. Hint: those configurations aren't in the section labelled "detail".
But I can see passwords of everybody in my auth-details files (correct and incorrect password).
Is there any way to log just wrong password? Or not to log any password at all?
In 1.1.4, yes. See radiusd.conf, look at the "detail" section. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
El mié, 21-02-2007 a las 13:32 +0100, Alan DeKok escribió:
In 1.1.4, yes. See radiusd.conf, look at the "detail" section.
But I have 1.1.3 :-(. Is there any way without needing to upgrade? -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 968367590 Fax: 968398337
Hi,
El mié, 21-02-2007 a las 13:32 +0100, Alan DeKok escribió:
In 1.1.4, yes. See radiusd.conf, look at the "detail" section.
But I have 1.1.3 :-(. Is there any way without needing to upgrade?
you can use the 'suppress' feature for each of the detail logs. this feature was introduced in 1.1.2 eg suppress { User-Password } in your detail stanzas alan
El jue, 22-02-2007 a las 11:51 +0000, A.L.M.Buxey@lboro.ac.uk escribió:
Hi,
El mié, 21-02-2007 a las 13:32 +0100, Alan DeKok escribió:
In 1.1.4, yes. See radiusd.conf, look at the "detail" section.
But I have 1.1.3 :-(. Is there any way without needing to upgrade?
you can use the 'suppress' feature for each of the detail logs. this feature was introduced in 1.1.2
eg
suppress { User-Password }
in your detail stanzas
Great! It works. Thank you very much -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información _o) y las Comunicaciones Aplicadas (ATICA) / \\ http://www.um.es/atica _(___V Tfo: 968367590 Fax: 968398337
participants (3)
-
A.L.M.Buxey@lboro.ac.uk -
Alan DeKok -
Angel L. Mateo