[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Modern Password Hashes in Openldap?

To: Chris Hiestand <chiestand@salk.edu>, openldap-technical@openldap.org
Subject: Re: Modern Password Hashes in Openldap?
From: Quanah Gibson-Mount <quanah@zimbra.com>
Date: Mon, 29 Apr 2013 15:51:08 -0700
Content-disposition: inline
In-reply-to: <235D6052-E1CD-41E3-92EF-191350F16439@salk.edu>
References: <235D6052-E1CD-41E3-92EF-191350F16439@salk.edu>

--On Monday, April 29, 2013 3:28 PM -0700 Chris Hiestand<chiestand@salk.edu> wrote:

Since SSHA-1 is weak these days I'd like to switch to PBKDF2, Bcrypt or
the like with key stretching. Since Openldap does not support relatively
strong hashes, do you guys use SASL to store stronger hashes? If so, what
kind of backend are you using to store hashes?

I would suggest you look at the contrib password module, which supports anumber of schemes.


--Quanah


--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

Follow-Ups:
- Re: Modern Password Hashes in Openldap?
  - From: Michael Ströder <michael@stroeder.com>

References:
- Modern Password Hashes in Openldap?
  - From: Chris Hiestand <chiestand@salk.edu>

Prev by Date: Modern Password Hashes in Openldap?
Next by Date: Re: Modern Password Hashes in Openldap?
Index(es):
- Chronological
- Thread