Hiding "secret" used in for PAM authentication

Alan DeKok aland at deployingradius.com
Sat Nov 19 09:45:37 CET 2011


Gregory Machin wrote:
> We are using using PAM to authenticate users against Freeradius, an
> that is working well. The problem is that the users are 3rd party
> developers and some need root access. The issue we have is that the
> radius secret is stored in clear text file. How can this be hidden so
> that is can be misused  ?

  If they have root, there is nothing you can do to hide anything from them.

> Is there a document on hardening Freeradius ?

  No.  FreeRADIUS is secure.  What kind of "hardening" are you looking for?

  Alan DeKok.



More information about the Freeradius-Users mailing list