[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Revisiting the SHA1 default password hash

To: openldap-devel@openldap.org
Subject: Re: Revisiting the SHA1 default password hash
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Fri, 03 Mar 2017 12:57:12 -0800
Content-disposition: inline
In-reply-to: <WM!613014872e39d7ea4fc6b085d09fc7b73081fe30e5d35c90d65ac5aa2d4fc8b7e8d87b7360eaae55838565d69db71ae0!@mailstronghold-3.zmailcloud.com>
References: <B4A6086DCB7954D816BB8528@[192.168.1.30]> <2ec6af76-ca87-5694-e0ed-3e8e572c5f4a@stroeder.com> <WM!68af734acd6f844fa34c87273fb1ed9f4e6f09b89b52853f29e034d6c6362863e9c83ac420defb43eeab71fe573b25c5!@mailstronghold-3.zmailcloud.com> <ed9deb4d-d0dd-3753-b9bb-f26e93416ca1@symas.com> <WM!44c3fc316d52ca6a2b7efbf8459ab01bde505ca8f7eb591170380646a1cdd6b408c5bc863aa9be41945e412f2d648f74!@mailstronghold-1.zmailcloud.com> <BE8C61AE98C00B38B7A980A1@[192.168.1.30]> <68af7039-249b-497c-8b7f-1c4f5c372dd8@symas.com> <1487993468.25823.67.camel@samba.org> <WM!613014872e39d7ea4fc6b085d09fc7b73081fe30e5d35c90d65ac5aa2d4fc8b7e8d87b7360eaae55838565d69db71ae0!@mailstronghold-3.zmailcloud.com>

--On Saturday, February 25, 2017 4:31 PM +1300 Andrew Bartlett<abartlet@samba.org> wrote:

When I asked notable Kiwi security researcher Peter Gutmann on the
sidelines of Kiwicon about what to use if I ever imagined a Samba un-
shackled from the restrictions of Windows compatibility (the printed
conference program poked fun at AD for MD4), he strongly recommended
Argon2 as mentioned in the link above.

Either way, I'll follow this thread with interest, as I'm keen to have
a password hash in Samba that is both best-of-breed and shared between
modern OpenLDAP and Samba, for our administrators who need password
sync.

There's actually an argon module that has been submitted for inclusion inOpenLDAP (Via ITS#8575). So we may want to start with that.


--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

Next by Date: scrypt ASICs - litecoin N, r, p settings - Re: Revisiting the SHA1 default password hash
Index(es):
- Chronological
- Thread