Clear text passwords

Bjørn Mork bjorn at mork.no
Fri Mar 24 12:33:59 CET 2006


"George C. Kaplan" <gckaplan at ack.berkeley.edu> writes:
> Alan DeKok wrote:
>> Guy Fraser <guy at incentre.net> wrote:
>> 
>>>>  You will have to edit the source code to the detail module to make
>>>>it do what you want.
>>>>
>>>
>>>Is that the way it is supposed to be, or is it on a todo list for it 
>>>to be fixed?
>> 
>>   Fixed to do what, and why?
>
> To not log passwords in the detail file, because it puts them at
> unnecessary risk of exposure.

The detail module logs radius packets.  If that's not what you want,
then you probably shouldn't be using the detail module (except maybe
for accounting, where there won't be any password in the packet).

>>   No, I'm not being dumb, I'd like to see reasons why dropping
>> information from the detail log is a good idea.
>
> Actually, I may be confused here.  Are we talking about passwords
> entered by users and sent to the RADIUS daemon by a NAS being logged in
> the radius.log or the detail file?  I ask because I *don't* see this
> behavior (except in debugging mode) on freeradius 1.0.5.  So maybe we're
> talking about something else.
>
> We have strict rules here about handling sensitive data; I'd be in big
> trouble if any of my systems was storing user-supplied passphrases in a
> log file.

The default radiusd.conf does not enable detail logging for anything
but accounting.

The question is:  Why do you want to configure the server to log the
passwords and then modify the source not to honour this configuration
choice?  It seems a lot easier to just go with the defaults...


Bjørn
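To make the point concrete, here is an added illustration (not part of the thread, and not the author's own configuration) of how the detail module appears in a FreeRADIUS 1.x style radiusd.conf: the stock accounting-only use beside the optional authentication log that would write Access-Request attributes, User-Password included, to disk. The section names and ${radacctdir} paths follow the stock layout; treat them as assumptions for your own version.

```conf
# Added illustration, not taken from the thread or from any particular
# install.  Shows the default (accounting only) next to the weak setting
# (detail on authentication packets) that this discussion is about.

modules {
	# Default instance: accounting detail file.  Accounting packets carry
	# no User-Password, so this log cannot expose credentials.
	detail {
		detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
		detailperm = 0600
	}

	# Second instance aimed at authentication packets.  The module writes
	# the whole packet verbatim, so enabling it anywhere in the
	# authorize path stores clear-text User-Password values on disk.
	detail auth_log {
		detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d
		detailperm = 0600
	}
}

authorize {
	preprocess
	# Kept commented out, as in the stock file.  Uncommenting this line is
	# the configuration choice that puts passwords in a detail file.
	#auth_log
	files
}

accounting {
	# Only the accounting instance is referenced here, matching the
	# default behaviour described in the reply above.
	detail
}
```

Reviewing the authorize and post-auth sections for any detail instance is the quickest way to confirm a server matches the defaults; the accounting section is the only place the stock configuration lists one.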