[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: using {CRYPT} for rootpw, using SHA512?

To: openldap-technical@openldap.org
Subject: Re: using {CRYPT} for rootpw, using SHA512?
From: Mirosław Baran <miroslaw@makabra.org>
Date: Mon, 18 Aug 2014 11:21:17 +0100
In-reply-to: <53F1BC00020000A100016ADD@gwsmtp1.uni-regensburg.de>
References: <20140814200516.GI30182@numachi.com> <CAMSfXX+CiBV6ddW4rv_9EBjjCRL0cc9z_3=7q5uCu1svjqcGaA@mail.gmail.com> <20140815143811.GN30182@numachi.com> <53F1BC00020000A100016ADD@gwsmtp1.uni-regensburg.de>
User-agent: Roundcube Webmail/1.1-git

Only the first example given is actually crypt() in the strict sense;
the second example given is an glibc extension to crypt (SHA-512
(since glibc 2.7))

So if that is going to work cross-plattform, you must have a recent
version of glibc everywhere, I guess. Details in "crypt(3)"...

Well, as long as the only place the password is checked/hashed happensto bethe LDAP server (running on reasonably recent glibc), it should workfine even

for non-glibc-based clients.

Best regards,
– Miroslaw Baran

References:
- using {CRYPT} for rootpw, using SHA512?
  - From: Brian Reichert <reichert@numachi.com>
- Re: using {CRYPT} for rootpw, using SHA512?
  - From: Brian Reichert <reichert@numachi.com>
- Antw: Re: using {CRYPT} for rootpw, using SHA512?
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>

Prev by Date: Re: what happened to the openldap toolbox project?
Next by Date: Antw: Q: querying accesslog with reqStart>=partial time spec
Index(es):
- Chronological
- Thread