opnsense / plugins

OPNsense plugin collection
https://opnsense.org/
BSD 2-Clause "Simplified" License

Freeradius stores user passwords in plain in config #1824

Closed tomatotoast closed 3 years ago

tomatotoast commented 4 years ago

System: OPNsense 20.1.6-amd64 FreeBSD 11.2-RELEASE-p19-HBSD OpenSSL 1.1.1g 21 Apr 2020

The Freeradius plugin stores user/pass in opnsense config in plaintext. An attacker could extract those to gain access to the network.

tomatotoast commented 4 years ago

Extract from config file:

`1 testuser testpassword`

tomatotoast commented 4 years ago

Is further information required, or why is the status incomplete?

mimugmail commented 4 years ago

Because you didn't use the template.

The main problem is that FreeRADIUS writes the password in plaintext itself. There is a hack via NTLM hashing available, but I don't see a security gain compared to the work it takes.

If you feel brave I'm happy to help/review/test

AdSchellevis commented 3 years ago

This issue has been automatically timed-out (after 180 days of inactivity).

For more information about the policies for this repository, please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.

If someone wants to step up and work on this issue, just let us know, so we can reopen the issue and assign an owner to it.