[Date Prev][Date Next] [Chronological] [Thread] [Top]

Antw: Passwords, Hashing, and Binds

To: "Bram Cymet" <bcymet@cbnco.com>, "openldap-technical@OpenLDAP.org" <openldap-technical@openldap.org>
Subject: Antw: Passwords, Hashing, and Binds
From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
Date: Fri, 29 Aug 2014 08:55:44 +0200
Content-disposition: inline
In-reply-to: <53FF9080.1050209@cbnco.com>
References: <53FF9080.1050209@cbnco.com>

>>> Bram Cymet <bcymet@cbnco.com> schrieb am 28.08.2014 um 22:26 in Nachricht
<53FF9080.1050209@cbnco.com>:
> Hi,
> 
> I am storing users passwords in a userPassword attribute. When the
> passwords are hashed with MD5 I can bind as the user just fine. If I
> hash the password with sha-256 I get invalid credentials.

I wonder: My slappasswd only knows about {SHA} and {SSHA}, {MD5} and {SMD5}, {CRYPT}, and {CLEARTEXT}. Section 14.4 of the manual indicates that hashed passwords are non-standard anyway. So implement the non-standard on your clients.

> 
> Is there something I have to change in my client?
> Is there something I have to change on the server?
> 
> Is binding a user with a password stored with sha-256 (or at least
> something better then md5) even possible?
> 
> Thanks,
> 
> -- 
> Bram Cymet
> Software Developer
> Canadian Bank Note Co. Ltd.
> 613-608-9752

Follow-Ups:
- Re: Antw: Passwords, Hashing, and Binds
  - From: Howard Chu <hyc@symas.com>
- Re: Antw: Passwords, Hashing, and Binds
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

References:
- Passwords, Hashing, and Binds
  - From: Bram Cymet <bcymet@cbnco.com>

Prev by Date: Antw: Re: keepalive parameter setting in openldap for consumer doesnot work
Next by Date: Re: Antw: Passwords, Hashing, and Binds
Index(es):
- Chronological
- Thread