[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problem with cleartext password setup

On Tuesday 05 February 2008 14:14:35 Pat Riehecky imposed structure on a
stream of electrons, yielding:
> My reading the archives has lead me to believe that DIGEST-MD5 will
> require me to store passwords in cleartext.  To evaluate the usefulness
> of this at my site (little point in storing them cleartext if nothing
> can use DIGEST-MD5) I have setup a test server, but the password keeps
> getting hashed
> I have added password-hash {CLEARTEXT} to my slapd.conf  (which gave me
> password-hash {CLEARTEXT},{SSHA},{SMD5},{CRYPT}).  That didn't do it, so
> I went for just password-hash {CLEARTEXT}.  That also keeps getting my
> passwords hashed.
> Strangely they are not prefixed with the {HASHTYPE}.
> When I run
> ldappasswd -H ldapi:/// -D "cn=testuser,dc=iwu,dc=edu" -w Please -x -s
> please
> In LDAP I get
> userPassword:: cGxlYXNl

Why do you think it's hashed? :

% echo cGxlYXNl | openssl base64 -d | cat 

It's cleartext, just base64 encoded.

Those who in quarrels interpose, must often wipe a bloody nose.