(RADIATOR) high trace level and password

[Mike McCauley]

Hello Denis,


On Tue, 2 Dec 2003 10:09 pm, Denis Pavani wrote:
> Hi all.
> Perhaps I need a hint, perhaps it's a feature request :-)
> I use EAP-TTLS authentication for WLAN, authenticating users against a
> LDAP database, where passwords are encrypted.
> So, I have to use PAP as inner authentication.
> I'd like to keep a 4 trace level but this makes cleartext passwords
> appear in log files.

I guess you mean in the packet dump of the inner request?

> Is there a way to crypt just password fields?

No, but you could set up a special logger for the inner authenticator that has 
a Trace level of 3 instead of 4.

Hope that helps.

Cheers.

>
> Thanks in advance

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985                       Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.