Admin user password saved in clear… ?
-
Hi,
In order to sync pfSense servers (HA), we need to enter admin user password.
Is it normal that this password is saved in clear in the backup files (while in the same file, user passwords are encrypted) ?
Thanks,
Hakim -
https://doc.pfsense.org/index.php/Why_are_some_passwords_stored_in_plaintext_in_config.xml
-
Also, on 2.4.x you do not need to use admin for this. Create a new user for synchronizing and give it the "System - HA node sync" privilege. Once that user synchronizes to both nodes you can then set that user/pass as the sync user on the primary under System > High Avail Sync.