[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP replication 'credentials'



Mark W Apperson <Mark_W_Apperson@raytheon.com> wrote:

> We will be using OpenLDAP with TLS, and also plan to use the OpenLDAP
> replication as well.
> 
> I would like to keep plain text passwords out of config files.  We are
> using the '{SSHA}' configuration option for the 'rootdn' configuration
> variable.  Is there something similar that I can use for the replication
> 'credentials'?

What about using certificate authentication? That completely removes the
need for a replication password.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org