[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Encrypting Authentication Passwords.

TLS (SSL) provides transport layer protections including
data stream encryption.  That is, TLS protects data in
transit.  1.2 does not support TLS.

Passwords may be hashed, not encrypted.  In 1.2, hashing
must be done by the client such as ldappasswd(1).  Very
few clients implement password hashing.

IIRC, the PADL PAM/NSS modules support password hashing and
TLS.  Details regard features of PADL software can be obtained
by review their document or using lists <pamldap@padl.com>
or <nssldap@padl.com> (depending on which of their modules
you are using).