[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: about passwords

To: "Kevin J. Menard, Jr." <kmenard@WPI.EDU>
Subject: Re: about passwords
From: Gerald Carter <gcarter@valinux.com>
Date: Fri, 11 May 2001 09:52:21 -0700 (PDT)
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <8812889223.20010511124249@wpi.edu>

On Fri, 11 May 2001, Kevin J. Menard, Jr. wrote:

> Heya fellas,
>
>      Encrypting a password seems like a sound logical idea to me.  But
>      there do not appear to be any password tools for LDAP that I have
>      seen.  So, if I just wrote a program that calculated the MD5 hash
>      of a password and salt pair, and then stored that in my directory
>      as {crypt}$hash, would that be okay?  And when I authenticate
>      against that, do I authenticate in clear text, or can I create
>      another MD5 hash of the same password (with a more than likely
>      different salt), and authenticate against that?

See slappasswd(8c).  Hope this helps.






jerry


----------------------------------------------------------------------
   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com/  VA Linux Systems   gcarter@valinux.com
       http://www.samba.org/       SAMBA Team          jerry@samba.org
       http://www.plainjoe.org/                     jerry@plainjoe.org

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )

References:
- about passwords
  - From: "Kevin J. Menard, Jr." <kmenard@WPI.EDU>

Prev by Date: about passwords
Next by Date: Re: pam_ldap slow
Index(es):
- Chronological
- Thread