[Date Prev][Date Next]
When/why use slappasswd or any password digests
- To: openldap list <openldap-software@OpenLDAP.org>
- Subject: When/why use slappasswd or any password digests
- From: Thomas Gagné <email@example.com>
- Date: Wed, 24 Mar 2004 11:05:35 -0500
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040113
I'm trying to understand the role encrypted passwords play in OpenLDAP.
I thought they were an alternative way to exchange passwords. Instead
of sending them in the clear during ldap_bind_s() I thought I could
supply one of the HASHs--but this doesn't seem to work.
To use SSHA encryption am I supposed to first create an SSHA digest of
my password to use in ldap_passwd_s()?
I've tried changing the password to something I got from slappasswd then
signing back in using the same password but a different digest (as SSHA
is supposed to do) but I get Invalid Credentials.
Are the digests something used strictly for storing the passwords? Is
there any way/reason to use the digests?
remove email address' dashes for replies
opensource middleware at <http://isectd.sourceforge.net>