hide-sensitive doesn't?

sejtam · January 4, 2015, 6:21am

RB2011 with 6.24

I ran a backup

/export file=c hide-sensitive

however, several items of sensitive info were still left in the output file (somewhat mangled by me)

add coa-port=1700 customer=admin disabled=no ip-address=127.0.0.2 log=\
    auth-fail name=koerberGW shared-secret=myRadiusSecret use-coa=no

set address=74.125.130.16 from="myRouter <my@email>" last-status=\
    succeeded password=<mySMPTpassword> port=587 start-tls=yes user=\
    me@me

btw: is that COA port needed when authenticating against the local Userman?

boen_robot · January 4, 2015, 1:20pm

I think those don’t count as sensitive, because they’re passwords to external services, whereas “hide-sensitive” is intended to hide local sensitive data - passwords that the router itself defines and authenticates others against.

sejtam · January 5, 2015, 6:09am

unfortunate, as currently I have only an outside SMTP server to send this through. It would be nice if it could obscure all such fields (or had a facility to encrypt the file locally before sending/es part of the export).

No, I don’t just want the file to stay local, as I may need to it recover service in case I’m locked out or lost the router