I recently set up a freeradius server and would like to change the user password that is presently in cleartext to encrypted in the /etc/freeradius/3.0/users file.
This is what it looks like on the server.
When I authenticate on the server, I can see the username and password in the /var/log/freeradius/radius.log
file. How can I get it encrypted? I'm using Debian.
Best Answer
Here is the list of attributes coresponding to the hashing method : https://freeradius.org/radiusd/man/rlm_pap.txt
Don't forget that the protocol and method you are using to authenticate your client will affect wich method of hashing you can use.
You can find a table I used to configure my Freeradius server for the protocol and password compatibility : http://deployingradius.com/documents/protocols/compatibility.html
To generate a sha256 salted password, I used the following script on github (you need to edit the last 2 lines to change the password and the salt) : https://gist.github.com/bestrocker221/f506eee8ccadc60cab71d5f633b7cc07