Freeradius sql module usage
Marek Zarychta
zarychtam at plan-b.pwste.edu.pl
Tue Jul 23 17:16:13 UTC 2024
W dniu 23.07.2024 o 17:21, Alan Smith via Freeradius-Users pisze:
> A project I am working on does not allow storage of plain text passwords in the config file. That is why.
It looks like an interesting requirement. Maybe you can go further an
configure access to the database without any password to fully comply
with these rules?
> On Tuesday, 23 July 2024 at 09:39:41 pm SGT, Alan DeKok <aland at deployingradius.com> wrote:
>
> On Jul 23, 2024, at 1:12 AM, Alan Smith via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
>> How may I encrypt the password used in Connection info in SQL module? Kindly advise. Thanks.
> What problem would that solve?
>
> Think about it for a bit. The server has to be able to decrypt that password somehow. So where is the decryption key stored? How can the server get access to it?
>
> These kinds of approaches add complexity, and offer zero additional security.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Marek Zarychta
More information about the Freeradius-Users
mailing list