[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: pam_ldap exop/ldappasswd and salted hashes fail

On Tue, Feb 05, 2002 at 05:36:37, Keith T. Garner said:
> I've got a weird problem where slapd won't change the password if I pick
> ssha or smd5 when specifying password-hash in slapd.conf.  Using md5 or
> sha works.

Nevermind, I found the answer to my problem.  I forgot to point out in
my original post that I'm running slapd chrooted.  Guess what wasn't
in chroot?  /dev/random and/or /dev/urandom.  When using ssha or smd5,
slapd uses openssl to get the random bytes.  In turn, on systems with
a /dev/random, openssl uses that to get bytes.

I created the device in the chroot area, and BAM, ssha and smd5 work again.
Maybe this should be tossed in the FAQ?


   Keith T. Garner                                        kgarner@kgarner.com
   The whole problem with the world is that fools and fanatics are always so
 certain of themselves, and wiser people so full of doubts.  --Bertrand Russell