RADIUS shared secret is not redacted from "show configuration" op mode command
Closed, ResolvedPublicBUG
Actions

Assigned To

None

Authored By

	c-po
	Oct 22 2019, 11:03 PM

Description

When issuing a show configuration command from op-mode private information is redacted from e.g. user names or VPN private keys. The RADIUS shared-secret is not redacted - but it should.

system {
    login {
        radius-server 192.0.2.1 {
            port 1812
            secret secret123
            timeout 2
        }
        user admin {
            authentication {
                encrypted-password ****************
                plaintext-password ****************
            }

            level admin
        }
    }

Details

Difficulty level: Easy (less than an hour)
Version: 1.2.3
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)

Event Timeline

c-po created this task.Oct 22 2019, 11:03 PM

pasik added a subscriber: pasik.Oct 27 2019, 5:41 PM

syncer triaged this task as Low priority.Nov 16 2019, 10:56 PM

syncer edited projects, added VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.

already resolved in latest rolling due to rename of the node from secret to key.

https://github.com/vyos/vyatta-op/blob/current/scripts/vyos-strip-config.pl#L135

c-po moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.Mar 22 2020, 8:52 AM

erkin set Issue type to Bug (incorrect behavior).Aug 31 2021, 6:27 PM

syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 30 2022, 2:03 PM

syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.

RADIUS shared secret is not redacted from "show configuration" op mode commandClosed, ResolvedPublicBUGActions

Description

Details

Event Timeline

RADIUS shared secret is not redacted from "show configuration" op mode command
Closed, ResolvedPublicBUG
Actions