Freeradius sql module usage

Marek Zarychta zarychtam at plan-b.pwste.edu.pl
Tue Jul 23 17:16:13 UTC 2024


W dniu 23.07.2024 o 17:21, Alan Smith via Freeradius-Users pisze:
> A project I am working on does not allow storage of plain text passwords in the config file. That is why.

It looks like an interesting requirement. Maybe you can go further an 
configure access to the database without any password to fully comply 
with these rules?

>     On Tuesday, 23 July 2024 at 09:39:41 pm SGT, Alan DeKok <aland at deployingradius.com> wrote:
>   
>   On Jul 23, 2024, at 1:12 AM, Alan Smith via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>> How may I encrypt the password used in Connection info in SQL module? Kindly advise. Thanks.
>    What problem would that solve?
>
>    Think about it for a bit.  The server has to be able to decrypt that password somehow.  So where is the decryption key stored?  How can the server get access to it?
>
>    These kinds of approaches add complexity, and offer zero additional security.
>
>    Alan DeKok.
>
>    
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

-- 
Marek Zarychta



More information about the Freeradius-Users mailing list