[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap password problems

To: Quanah Gibson-Mount <quanah@zimbra.com>, openldap-technical@openldap.org
Subject: Re: Openldap password problems
From: Michael Ströder <michael@stroeder.com>
Date: Fri, 15 May 2015 11:08:22 +0200
In-reply-to: <C3355CC582D7C4A3B1597779@[192.168.1.9]>
References: <BAY178-W28F5C4ED608B4340D6A1A8FDD80@phx.gbl>, <DB9E83819120DD4AC028FC56@[192.168.1.9]> <BAY178-W50693B7028C364F1EA2A77FDD80@phx.gbl> <SN1PR08MB1743E57A854742B4FDE795DDB3D80@SN1PR08MB1743.namprd08.prod.outlook.com> <C3355CC582D7C4A3B1597779@[192.168.1.9]>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33.1

Quanah Gibson-Mount wrote:

Setting the default to {CRYPT} is a security nightmare,

Such a general statement is non-sense without taking a closer look at whichcrypt scheme is really used.

Consult your local crypt(3) man page to see whether crypt schemes like "$6$"or "$2b$" are supported on your system which are definitely stronger thansimple {SSHA}. Then use password-crypt-salt-format to make use of such a cryptscheme.


Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- RE: Openldap password problems
  - From: Albert Braden <abraden@about.com>

References:
- RE: Openldap password problems
  - From: jeevan kc <jeev_biz@hotmail.com>
- RE: Openldap password problems
  - From: Quanah Gibson-Mount <quanah@zimbra.com>
- RE: Openldap password problems
  - From: jeevan kc <jeev_biz@hotmail.com>
- RE: Openldap password problems
  - From: Craig White <CWhite@skytouchtechnology.com>
- RE: Openldap password problems
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

Prev by Date: RE: Openldap password problems
Next by Date: openldap 2.4.40 ldapserach limit
Index(es):
- Chronological
- Thread