[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: pam_ldap exop/ldappasswd and salted hashes fail

To: openldap-software@OpenLDAP.org
Subject: Re: pam_ldap exop/ldappasswd and salted hashes fail
From: "Keith T. Garner" <kgarner@kgarner.com>
Date: Wed, 6 Feb 2002 13:15:58 -0600
Content-disposition: inline
In-reply-to: <20020205233637.GB20886@nickel.kgarner.com>
References: <20020205233637.GB20886@nickel.kgarner.com>
User-agent: Mutt/1.3.26i

On Tue, Feb 05, 2002 at 05:36:37, Keith T. Garner said:
> I've got a weird problem where slapd won't change the password if I pick
> ssha or smd5 when specifying password-hash in slapd.conf.  Using md5 or
> sha works.

Nevermind, I found the answer to my problem.  I forgot to point out in
my original post that I'm running slapd chrooted.  Guess what wasn't
in chroot?  /dev/random and/or /dev/urandom.  When using ssha or smd5,
slapd uses openssl to get the random bytes.  In turn, on systems with
a /dev/random, openssl uses that to get bytes.

I created the device in the chroot area, and BAM, ssha and smd5 work again.
Maybe this should be tossed in the FAQ?

Keith

-- 
   Keith T. Garner                                        kgarner@kgarner.com
   The whole problem with the world is that fools and fanatics are always so
 certain of themselves, and wiser people so full of doubts.  --Bertrand Russell

References:
- pam_ldap exop/ldappasswd and salted hashes fail
  - From: "Keith T. Garner" <kgarner@kgarner.com>

Prev by Date: Another ACL question ...
Next by Date: No such attribute
Index(es):
- Chronological
- Thread