Bug #12199

closed

ipsec pre-shared keys are stored in cleartext

Added by Stefan Bauer over 3 years ago. Updated about 1 month ago.

Status: Not a Bug
Priority: Normal
Assignee: -
Category: IPsec
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes: Default
Affected Version:
Affected Architecture:

Description

If one adds a pre-shared key via VPN -> IPSec -> Pre-Shared Keys, these keys are visible and stored in cleartext.
Please store this sensitive information encrypted like when adding a user password.

Actions #2

Updated by Alex Kolesnik about 1 month ago

Hi Jim. Is there a chance to hide passwords from the Pre-shared keys page (/vpn_ipsec_keys.php)? I'd suggest to add controls to show/hide an individual password or all passwords at once. I believe that would improve the security posture even when we all know that the passwords can be retrieved. At least they would be hidden from an unintentional disclosure.
