Encryption or hash for password?

To: openldap-technical@openldap.org

Subject: Encryption or hash for password?

From: Gerhardus Geldenhuis <gerhardus.geldenhuis@gmail.com>

Date: Fri, 15 Mar 2013 14:58:09 +0000

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=gEiuKut3Lx2iX6ce12rHO8hWlKs+0EypGS+bkyLPN2s=; b=mcc5AVY7FUAmvvvLra8tVf58XVA0rR4RA8lknVJMgaCx6IayRYRPVhWR6kWZT4J5ME zpQBGWb9Q7YBpGBR9x0eEI7Xkoeg+mEeXkUvF3MsO3z2aFM/RbA1Xut700N10T13opqL qEjadLZTG6wAN1XuPuOG2SKOIaICE2c8QJ5V0RdWiH61yveuTaeGDEytjtNAxqHUlUev yp8sXNndPWNdTrbmq2YB3kXoUgE5k5jLnsZJGuSwTRU4jXSRuo+JLW+UxF1ZRBqQC/Hc tBUCwWlKvGrK1zerolvoJpg5bF2sUA2kDNHiYGe+eGpFs5SE9nShI0W4Gj7Z3VFsemHe wKqA==

I am using the default Ubuntu 12.10 openldap installation and have inherited an existing ldap setup. When I do a slapcat -n 1

It shows userPassword entries as follows:

userPassword:: e2NyeFB0fSQxJEkwKGc3bGJjJFpwL3JndlpCZDBlSPZuZGdoMFczTC8=

( password string has been edited... )

I am not sure how this is encoded... is there a way to find out? I have tried md5 which is currently the default encoding for our servers.

I have also tried slappasswd with various -h option to see if I can recreate the same hash if it is a hash.

I want to add new users using ldif and would like to encrypt/hash their passwords in a similar fashion if possible.

Any help would be appreciated.

Regards

--
Gerhardus Geldenhuis