>Free radius installed via a RPM: ># rpm -qa | grep radius >freeradius-1.0.1-3.RHEL4.5 > > ># radiusd -v >radiusd: FreeRADIUS Version 1.0.1, for host , built on Apr 25 2007 at >08:19:46
That was years out of date even when installed. See about upgrading: http://wiki.freeradius.org/Red_Hat_FAQ >Our /etc/raddb/radiusd.conf clearly states to not log passwords: ># allowed values: {no, yes} ># >log_auth_badpass = no >log_auth_goodpass = no > In radius.log file. And it doesn't: >Login OK: [username] (from client hostname.com port 0) ># cat auth-detail-20081023 > >Packet-Type = Access-Request ><removed> > User-Name = "username" > User-Password = "password" > NAS-IP-Address = 127.0.0.1 > Client-IP-Address = 127.0.0.1 > That's detail module at work: >Module: Loaded detail > detail: detailfile = "/etc/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d" > detail: detailperm = 384 > detail: dirperm = 493 > detail: locking = no >Module: Instantiated detail (auth_log) In current versions there is a supress setting in detail module where you can set attributes that you don't want to log in detail file. I have no idea if such setting exists in the version you are using. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
