On 09/30/2013 02:45 PM, Matthew Ceroni wrote: > Is there any way to prevent FreeRadius from showing the password in > logs (debug logs) when authentication is done via LDAP? > > Current I see : > > rad_recv: Access-Request packet from host 192.168.100.2 port 31011, > id=13, length=129 > User-Name = "username" > User-Password = "XXXXXX" > NAS-IP-Address = 192.168.100.2 > NAS-Port = 268 > NAS-Port-Type = Virtual > Cisco-AVPair = "ip:source-ip=192.168.21.145" > Calling-Station-Id = "ip:source-ip=192.168.21.145" > > Plus it will show it in other spots as well (accounting section, etc).
Please try to search the list archives before asking questions. This has been answered multiple times. Short answer is no, the debug output is meant for debugging ONLY and during debugging it's vital to be able to see the actual data in use. -- John - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
