[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Openldap support SHA-256 or SHA-3.
- To: Quanah Gibson-Mount <quanah@symas.com>
- Subject: Re: Openldap support SHA-256 or SHA-3.
- From: Geert Hendrickx <geert@hendrickx.be>
- Date: Wed, 8 Jan 2020 18:04:22 +0100
- Cc: openldap-technical@openldap.org
- Content-disposition: inline
- Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=hendrickx.be; s=geert; t=1578503062; bh=b5GS2voxp97/BP6Cr+f5/Xw8JCCBtjVK3279PnVIy+A=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=e+OGdZO9x1RsjVY2h8X8TOO1WqwD7hvYl6OsmOASzfUXsweD1NWIpisNyHsk1MHTd h7y9oCp3vSp9ohb2nsDyYLOxgB/dkzokADsnf3DZLIaYRZ8CnOtbitPamcQQ95mx9J yHGiqlZGFA6H5Q61sDsWjSyKk6C1qMkj2scY3aHT1wkvVkdi6aVmFmUvvRaat4/EMo wBS257LWHlSBc0NlMy6H7OFCwC0ekyyMJs5Rm+wJCJai5UuCXrfTv1PA47IMAyGlJK 7Y9eqt/rm8kRP4P/8KVzrs1D34IaFngp6W9DuU4Z/Ei2kGdeOYmUQvYly/ZeY4DHFb wKfJdrdJiyJZQ==
- In-reply-to: <1C6038D9E08BE216B90B3FF4@[192.168.1.144]>
- References: <CALm_Vjh4vgOBu8kZrJzRheAyqbZVL0OoE-nRAvc1z+nb-Eow9Q@mail.gmail.com> <67753E9A5A2A2945F035E0CC@192.168.1.144> <CALm_Vji=Mok7kkZ96+EEAu_Osw0rVjBANBrdejKFs=fEr--3HQ@mail.gmail.com> <1C6038D9E08BE216B90B3FF4@[192.168.1.144]>
On Tue, Jan 07, 2020 at 12:22:05 -0800, Quanah Gibson-Mount wrote:
> After deploying the sha2 module, all users must change their password so
> the hash gets updated. There is no way to magically convert existing
> hashes from SSHA1 to another scheme.
A controversial solution, but slapd could re-hash the password after a
succesful authentication.
Geert
--
geert.hendrickx.be :: geert@hendrickx.be :: PGP: 0xC4BB9E9F
This e-mail was composed using 100% recycled spam messages!