Closed tomatotoast closed 3 years ago
extract from config file
`
Are further information required or why is the status incomplete?
Because you didn't use the template.
The main problem is that FreeRADIUS write the password in plaintext itself. There is a hack via ntlm hashing available but I don't see a security gain compared to the work it takes.
If you feel brave I'm happy to help/review/test
This issue has been automatically timed-out (after 180 days of inactivity).
For more information about the policies for this repository, please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.
If someone wants to step up and work on this issue, just let us know, so we can reopen the issue and assign an owner to it.
System: OPNsense 20.1.6-amd64 FreeBSD 11.2-RELEASE-p19-HBSD OpenSSL 1.1.1g 21 Apr 2020
The Freeradius plugin stores user/pass in opnsense config in plaintext. An attacker could extract those to gain access to the network.