On 6 Aug 2013, at 19:49, Roberto Carna <robertocarn...@gmail.com> wrote:
> Dear, when I execute "freeradius -X" the daemon starts in debug mode.
>
> After that when a any user authenticate againts freradisu service, I can see
> in the screen something like this:
>
> [sql] expand: %{User-Name} -> roberto
> [sql] sql_set_user escaped user --> 'roberto'
> [sql] expand: %{User-Password} -> 123456
>
> My password is encrypted with MD5 but it can be seen in the debug screen.
*sigh* No. You have an MD5 hash of the password, the cleartext version is being
sent from the NAS.
> Is there any way to disallow or masquerade the use's password in debug mode
> ???
No. This would be difficult to implement, especially for SQL queries where the
password value is inserted into another string to form the query.
-Arran
Arran Cudbard-Bell <a.cudba...@freeradius.org>
FreeRADIUS Development Team
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
