Debug show cleartext password
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Sep 11 09:58:49 CEST 2013
On 11 Sep 2013, at 08:43, A.L.M.Buxey at lboro.ac.uk wrote:
> Hi,
>
>> i am getting a problem on Freeradius installed on CentOS. When i set the
>> service Radiusd in debug mode and send an access request (default type
>> PAP) through Radtest the debug show the password in cleartext.
>> Is there an option to do not show the fiedl User-Password in cleartext?
>
> debug shows all. the RADIUS server knows all. the point of debug is to debug..and
> you might have eg incorrect password. this question is asked frequently - a quick
> look at mailing list history would show you.....and the answer is no. dont run in debug if
> you dont want to see debug.
Sure, but radtest should probably have a password argument where it does a secure read from stdin.
FreeRADIUS shouldn't obfuscate passwords in debug, that'd be stupid.
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
More information about the Freeradius-Users
mailing list