[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: type of password (ITS#918)



On Thu, Dec 07, 2000 at 10:38:15AM +0000, rick@eazel.com wrote:
> I hope this is the correct list to post this at if not let me know please.
> I would like to request an addition.  With the NS ldap server when a
> ldapsearch is done I am fed back the type of password ie.. crypt or SHA but
> with an openldap server I dont see the type of encryption.  I know this is
> kind of trivial but I ran into it while shifting from netscape to openldap.

Actually, this is the wrong list, but your answer lies in correct
implmentation.

Encrytped passwords should be stored like this in the LDAP server:

userPassword: {type}hash

So for example you would have something like (standard DES crypt):

userPassword: {crypt}H7ala09A.

or (sha1 hash)

userPassword: {sha1}....

or (standard crypt with md5 hash)

userPassword: {crypt}$1$ajs90d98as$lkakaksksjakslsls

Ben

-- 
 -----------=======-=-======-=========-----------=====------------=-=------
/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins@debian.org  --  bcollins@openldap.org  --  bcollins@linux.com  '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'