OPNsense Forum

English Forums => Virtual private networks => Topic started by: klaas on April 30, 2021, 03:51:22 PM

Title: FreeRadius password storing
Post by: klaas on April 30, 2021, 03:51:22 PM
Hi,

I have a fully functioning FreeRadius OPNsense plugin running for my VPN customers, but I don't like the fact that passwords are by default stored as clear text in the /usr/local/etc/raddb/users file. I am using the VLAN and network attributes of the FreeRadius plugin, so it's not an option to use an external system.

What are my options to locally store passwords hashed or encrypted on the OPNsense firewall and still be able to use the Network/VLAN attributes?

/Klavs

Title: Re: FreeRadius password storing
Post by: klaas on April 30, 2021, 07:54:46 PM
Ideally it would be nice if it could be somehow changed to a SHA256 hash or better  ;D

testuser6 Sha2-Password := "fdf4344add3e9931cb5b487f6ea3b108ba4518507ff3a6e0a97d39625c795627"

Title: Re: FreeRadius password storing
Post by: mimugmail on April 30, 2021, 07:56:43 PM
Encrypted auth usually requires the plain password. Why is this a risk? No one but you should have access to the filesystem.
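
Added example, not part of any post above and not code from FreeRADIUS or the OPNsense plugin: it shows why a SHA-256 entry like the one in the thread can be checked when the client sends the password itself (PAP), but not for a challenge-response method such as CHAP (RFC 1994), where the server has to recompute the response from the cleartext. The function names and the sample password are constructed for illustration.

```python
import hashlib
import hmac
import os


def users_entry(user, password):
    """Build a users-file line holding a SHA-256 hex digest instead of cleartext."""
    digest = hashlib.sha256(password.encode()).hexdigest()
    return f'{user} SHA2-Password := "{digest}"'


def pap_verify(stored_hex, submitted_password):
    """PAP: the server receives the password itself, so it can hash and compare."""
    candidate = hashlib.sha256(submitted_password.encode()).hexdigest()
    return hmac.compare_digest(candidate, stored_hex)


def chap_response(chap_id, secret, challenge):
    """CHAP response as defined in RFC 1994: MD5(id || secret || challenge)."""
    return hashlib.md5(bytes([chap_id]) + secret + challenge).digest()


def chap_verify(chap_id, challenge, response, server_secret):
    """The server recomputes the response from whatever secret it has stored."""
    expected = chap_response(chap_id, server_secret, challenge)
    return hmac.compare_digest(expected, response)


def demo():
    password = "constructed-Example-pw1"  # constructed sample, not from the thread
    stored_hex = users_entry("testuser6", password).split('"')[1]
    chap_id, challenge = 7, os.urandom(16)
    # The client always computes its CHAP response from the real password.
    client_resp = chap_response(chap_id, password.encode(), challenge)
    return {
        "pap_with_hash": pap_verify(stored_hex, password),
        "chap_with_cleartext": chap_verify(chap_id, challenge, client_resp,
                                           password.encode()),
        # With only the digest on disk the server cannot rebuild the response.
        "chap_with_hash": chap_verify(chap_id, challenge, client_resp,
                                      stored_hex.encode()),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Whether a hashed entry is usable therefore depends on which authentication method the VPN clients negotiate with the RADIUS server.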