FreeRADIUS: Omit PAP auth passwords leaking to logs
hWhen using remote authentication on switches, most will primarly support PAP, the simplest method. This way the password is sent MD5 encrypted (to my knowledge) via the shared secret between the NAS and the RADIUS server. Nowadays this isn’t considered to be secure, nonetheless I don’t expect most devices to support RADSEC when the don’t … more