[Date Prev][Date Next]
- To: firstname.lastname@example.org
- Subject: secure passwords
- From: sim123 <Sim3159@gmail.com>
- Date: Tue, 13 Sep 2011 14:01:23 -0700
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:content-type; bh=gPFTLSYytX/jQnU06+KPJPS0poqL+ghtQRF+uFrf680=; b=l9E+FWiYnphUHVLLxzMZFV9pc4pfthz1CqB3xoj+LJATsSaYqcKmTHk5+tmcw2Vw1P EsjZCUVvMV1aMC5wEBAKwIbBaAZ5acxOB8YkgIFiPIdakT/puEfxAL4gC1+VZIbVyJi1 0mEkYoI+NO9Lnuv9WLTHURLyTq9TJ5BsGpQM4=
I am trying to store SSHA passwords in openldap instead of plain text via C code and wondering how this works. I tried exploring archives, FAQ etc and what I gathered from there is openLDAP has built in support for various password encryption algorithm however it does not have any APIs for generating passwords and password-has directive works with ldpapassword utility only.
If I use some tool like Apache DS and modify my userPassword attribute to be SSHA instead of plain text it all works. I want to know how this works under the hood? Who is responsible for generating hashed passwords? If I generate it using some C routine how does LDAP Server retrieves it during the bind operation? I would really appreciate if there is any related documentation available.
Thanks for the help and support.