[Date Prev][Date Next] [Chronological] [Thread] [Top]

secure passwords

To: openldap-technical@openldap.org
Subject: secure passwords
From: sim123 <Sim3159@gmail.com>
Date: Tue, 13 Sep 2011 14:01:23 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:content-type; bh=gPFTLSYytX/jQnU06+KPJPS0poqL+ghtQRF+uFrf680=; b=l9E+FWiYnphUHVLLxzMZFV9pc4pfthz1CqB3xoj+LJATsSaYqcKmTHk5+tmcw2Vw1P EsjZCUVvMV1aMC5wEBAKwIbBaAZ5acxOB8YkgIFiPIdakT/puEfxAL4gC1+VZIbVyJi1 0mEkYoI+NO9Lnuv9WLTHURLyTq9TJ5BsGpQM4=

Hi All,

I am trying to store SSHA passwords in openldap instead of plain text via C code and wondering how this works. I tried exploring archives, FAQ etc and what I gathered from there is openLDAP has built in support for various password encryption algorithm however it does not have any APIs for generating passwords and password-has directive works with ldpapassword utility only.

http://www.openldap.org/faq/data/cache/906.html

If I use some tool like Apache DS and modify my userPassword attribute to be SSHA instead of plain text it all works. I want to know how this works under the hood? Who is responsible for generating hashed passwords? If I generate it using some C routine how does LDAP Server retrieves it during the bind operation? I would really appreciate if there is any related documentation available.

Thanks for the help and support.

Follow-Ups:
- Re: secure passwords
  - From: sim123 <Sim3159@gmail.com>
- Re: secure passwords
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

Prev by Date: Problem replicating ACL changes in back-config from master to slaves: SEGFAULT
Next by Date: Re: Bind with attribute + RDN instead of DN
Index(es):
- Chronological
- Thread