Don't log user pass to database

A.L.M.Buxey at A.L.M.Buxey at
Tue Apr 2 15:40:37 CEST 2013


> Guys, please tell - how prevent freeradius to log pass to
> radpostauth mysql (MariaDB) table?
> I have modified /etc/freeradius/modules section to:
> Post-Auth = "INSERT INTO ${postauth_table}                   \
> (username, reply, authdate) VALUES                    \
> ('%{User-Name}',         \
> %{reply:Packet-Type}', '%S');"
> But, seems this not helps, as i see user passwords in database.

as already said, ensure that you are editing the correct file (check what is
happening/read with 'radiusd -X' for debug mode (or freeradiusd -X on debian/ubuntu)
and ensure you have actually restarted the server (it doesnt just use a new SQL
config when you edit the file).  I changed the query to specifically state 'password'
as the User-Password 

Post-Auth = "INSERT INTO ${postauth_table}                   \
(username, password, reply, authdate) VALUES                    \
('%{User-Name}', 'password'        \
%{reply:Packet-Type}', '%S');"


More information about the Freeradius-Users mailing list