[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Decrypting SHA encrypted passwords?

> How does an application that does not do any password
> encrypting/decrypting on its own, such as a script using LDAPSEARCH,
> get access to LDAP passwords to use in a clear-text context such as
> FTP?

i believe the way that this works is that the application passes the
password in clear text to the ldap search which then encrypts the clear
text password (based of the seed), does a comparision to see if it matches
and then returns sucess or failure ot the application which in turn then
allows or disallows access.

the other possible way for it to work would be for the application to
request the encrypted password from the server, encrypt the password it's
self and do the comparision internally.  this would require the app to
have read access to all of the users passwords though where the other way
just requires auth access.