[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re[2]: userpassword formats

To: "Kalman KK Wan" <kkkwan@itsd.gcn.gov.hk>
Subject: Re[2]: userpassword formats
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 12 Oct 2000 20:22:09 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <48256977.000F35A0.00@itsmailgw.itsd.gcn.gov.hk>

At 10:46 AM 10/13/00 +0800, Kalman KK Wan wrote:
>What hash function does OpenLDAP use to compute the hash of userPassword?

OpenLDAP recognizes a variety of userPassword schemes for
authentication purposes: including hash schemes (e.g: {SSHA}
and {crypt}) as well as schemes which use external secret
storage (e.g.: {UNIX} and {SASL}).   When ldappasswd(1) is
used (or the underlying protocol mechanism), the server generates
the scheme indicated by passwd-hash slapd.conf(5) directive
(defaults to {SSHA}).

>Is it a LDAP standard?

The proposed standard (RFC 2256) calls defines userPassword
as a user attribute which holds a clear text password(s).
All this {hash} stuff violates the technical specification.

Kurt

References:
- Re[2]: userpassword formats
  - From: "Kalman KK Wan" <kkkwan@itsd.gcn.gov.hk>

Prev by Date: Re: Mixed ldap and ldaps?
Next by Date: Re: how to customise database fields
Index(es):
- Chronological
- Thread