[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: using {CRYPT} for rootpw, using SHA512?

--On Thursday, August 14, 2014 2:45 PM -0700 Quanah Gibson-Mount <quanah@zimbra.com> wrote:

--On Thursday, August 14, 2014 5:05 PM -0400 Brian Reichert
<reichert@numachi.com> wrote:

I've been messing with trying to get SHA512 password hash formats in
openldap 2.4.39 under a 64-bit CentOS 6 distribution, using the LTB RPMs.

SHA512 works fine for me with 2.4.39.

More specifically, I build openldap myself, and I do:

       (cd openldap-$(LDAP_VERSION)/contrib/slapd-modules/passwd/sha2; \

LD_RUN_PATH=$(LDAP_LIB_DIR):$(OPENSSL_LIB_DIR):$(CYRUS_LIB_DIR):$(LIBTOOL_LIB_DIR) $(MAKE) prefix=$(ZIMBRA_HOME)/openldap-$(LDAP_VERSION) libexecdir=$(ZIMBRA_HOME)/openldap-$(LDAP_VERSION)/sbin LIBS="-L$(LDAP_LIB_DIR) -lldap_r -llber" install STRIP=""; \

to build the module and then load the module:

olcModuleLoad: {7}pw-sha2.la

Then set the password hash in the frontend DB:

{-1}frontend DB:

olcPasswordHash: {SSHA512}



Quanah Gibson-Mount
Server Architect
Zimbra, Inc.
Zimbra ::  the leader in open source messaging and collaboration