[Date Prev][Date Next]
Re: SASL and non-cleartext passwords storage
Julien Vehent wrote:
This method is nice because it avoid having an additional software in
between postfix and cyrus (pam-ldap or saslauthd). But the problem is
that ldapdb requires to use DIGEST-MD5 and therefore to store the
passwords in cleartext in the directory.
ldapdb doesn't require any such thing. DIGEST-MD5 requires plaintext. If you
don't want to store plaintext passwords, don't use DIGEST-MD5.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/