I have built a percona xtradb cluster along with freeradius and radman GUI frontend for freeradius. Everything functions exactly as it should but I am missing one part:
The passwords in the DB are all being shown as cleartext. How can I ensure these passwords are encrypted in the DB please?
There are a few steps that should be done:
- Choose an Encryption Method
- Modify the FreeRADIUS Configuration
- Update Your Schema (please make a backup before this step)
- Write a script that goes through each password, encrypts it, and updates the database.
- Implement Password Encryption in RadMan GUI
Ensure that RadMan GUI:
- Encrypts new passwords before sending them to the database
- Understands how to handle encrypted passwords during authentication processes.
The database does not encrypt your application data for you. You must code your application to do this. As Evgeniy says, you need to decide how you want to do this. Databases support data-at-rest encryption so that anything you write to the database will be encrypted on disk, but if you store plain-text passwords into the table, then you still get plaintext passwords when you SELECT. You must do this encryption in your application.