Restrict Password from detail file , accounting

Ellis, Scott 1 (N-Comptel Inc.) scott.1.ellis at lmco.com
Thu Jan 18 21:27:49 CET 2007


I have the new version 1.1.4 up and running. I also have uncommented the
"suppress" stanza in radiusd.conf below. However, in radacct/auth-....
files, the password is still showing up..???

Is there something else to do?

Scott 

-----Original Message-----
From:
freeradius-users-bounces+scott.1.ellis=lmco.com at lists.freeradius.org
[mailto:freeradius-users-bounces+scott.1.ellis=lmco.com at lists.freeradius
.org] On Behalf Of A.L.M.Buxey at lboro.ac.uk
Sent: Wednesday, January 10, 2007 3:10 PM
To: FreeRadius users mailing list
Subject: Re: Restrict Password from detail file , accounting

Hi,
> Is there a way to eliminate the password from being written to the 
> accounting log files? Either not in clear text or altogether?

which accounting logs?

with the recent versions of FreeRADIUS you can add the following to the
last part of each detail logging stanza

           suppress {
                    User-Password
           }

usage of obfuscation is also recommended for, eg MySQL logging. simply
replace the User-Password INSERT with the value of 'password'

alan
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list