aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzackbcom <zack@zackb.com>2015-04-13 00:54:23 -0500
committerzackbcom <zack@zackb.com>2015-04-13 00:54:23 -0500
commit01a187c3ec8f283f0a88ee7dff54336ef38f05c1 (patch)
tree452dad23339c24041c6a7e785e9e41e71419f251
parenta9c38e6a1977a1a5359f5bd9d244912830ab2541 (diff)
downloadpfsense-packages-01a187c3ec8f283f0a88ee7dff54336ef38f05c1.tar.gz
pfsense-packages-01a187c3ec8f283f0a88ee7dff54336ef38f05c1.tar.bz2
pfsense-packages-01a187c3ec8f283f0a88ee7dff54336ef38f05c1.zip
Show max shared secret length
Shared secrets longer than 31 characters will display garbage passwords. Another cause of garbage passwords being logged is the secret being too long. Certain NAS boxes have limitations on the length of the secret and don't complain about it. FreeRADIUS is limited to 31 characters for the shared secret. http://wiki.freeradius.org/guide/faq#Common-problems-and-their-solutions
-rw-r--r--config/freeradius2/freeradiusclients.xml2
1 files changed, 1 insertions, 1 deletions
diff --git a/config/freeradius2/freeradiusclients.xml b/config/freeradius2/freeradiusclients.xml
index 4e66a597..99ac2af1 100644
--- a/config/freeradius2/freeradiusclients.xml
+++ b/config/freeradius2/freeradiusclients.xml
@@ -163,7 +163,7 @@
<field>
<fielddescr>Client Shared Secret</fielddescr>
<fieldname>varclientsharedsecret</fieldname>
- <description><![CDATA[Enter the shared secret of the RADIUS client here. This is the shared secret (password) which the NAS (switch or accesspoint) needs to communicate with the RADIUS server.]]></description>
+ <description><![CDATA[Enter the shared secret of the RADIUS client here. This is the shared secret (password) which the NAS (switch or accesspoint) needs to communicate with the RADIUS server. FreeRADIUS is limited to 31 characters for the shared secret.]]></description>
<type>password</type>
<required/>
</field>