[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSHA for rootdn issue

Hallo Peter,

On Sun, 10 Aug 2003 16:53:49 +0200
Peter Marschall <peter@adpm.de> wrote:

> Hi,
> On Friday 08 August 2003 22:42, joerg@schuetter.org wrote:

> > base64 decoded password results in: '{CRYPT}LS..2vtaMyelg', but
> > crypt.crypt('secret', 'LS') (generate crypt with seed 'LS') results
> > 'LSgOjE04PUmqs'. Is there a reason for using bas64 coded strings?
> Although I am not the original poster, I think I can answer your last 
> question.
> When doing a ldapsearch, user passwords are returned base 64 encoded.
> I don't know the exact reason for this behaviour but I assume it's the
> curly braces that make ldapsearch behave this way.

I sniffed the traffic between OpenLdap 2.1.22 (Debian sid) and gq (also
Debian sid). The passwort is delivered in plain, no encoding.


Jörg Schütter           http://www.lug-untermain.de/
joerg@schuetter.org     http://mypenguin.bei.t-online.de/