FreeRADIUS/pam_radius

pam_radius_auth logs passwords in plain text.

jscarville opened this issue · 1 comment

I am trying to get Okta to work with OpenSSH using their RADIUS agent. As part of this I turned on the debug function for pam_radius_auth on a test server and discovered that it logs the password in the clear.

I am using version 1.4.0 in case this feature has been fixed.

If the server logged passwords in normal mode, that would be an issue. But for debug mode, this is what's supposed to happen.
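Since debug mode is where the password ends up in the log, it is worth confirming that no active PAM entry still loads pam_radius_auth with the `debug` argument once testing is over. The check below is an added example, not part of the issue thread or the project's code; the function name `find_radius_debug` is hypothetical and the default directory `/etc/pam.d` is an assumption about the host layout.

```shell
#!/bin/sh
# Added example: report active PAM lines that load pam_radius_auth with the
# "debug" argument. Prints "file:line" for each hit.
# Usage: find_radius_debug [DIR]   (DIR defaults to /etc/pam.d, an assumption)
find_radius_debug() {
    dir="${1:-/etc/pam.d}"
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            # Join backslash-continued lines into one logical entry and
            # remember the line number where the entry started.
            { line = pending $0; start = (pending == "") ? NR : start }
            /\\$/ { sub(/\\$/, " ", line); pending = line; next }
            { pending = "" }
            {
                sub(/#.*/, "", line)          # ignore commented-out text
                if (line !~ /pam_radius_auth/) next
                # Match "debug" only as a whole argument, not as a substring.
                n = split(line, tok, /[ \t]+/)
                for (i = 1; i <= n; i++)
                    if (tok[i] == "debug") { print file ":" start; break }
            }
        ' "$f"
    done
}

# Run against the default directory when executed directly, for example:
#   find_radius_debug /etc/pam.d
```

Any path it prints is a service whose authentication log should be treated as containing credentials until the argument is removed and the affected logs are rotated.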