[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: crypt replication credentials in slapd.conf?



On Fri, 10 Dec 2004, Brian K. Jones wrote:

> Is it possible to crypt the value for the "credentials" key in
> slapd.conf? Seems like it should be supported, but I haven't seen a
> single reference to it online or in the 1000+ message archive on my
> local machine. If it's not, is it planned? What gives?

You can only obfuscate it since it needs to be sent in plaintext
to the remote.  You could symmetrically encrypt it, but then you'd have to
put the key somewhere.

Just make slapd.conf mode 600 and use differnet passwords for the master
and your replicas.

-- 
Doug White                    |  FreeBSD: The Power to Serve
dwhite@gumbysoft.com          |  www.FreeBSD.org