How to enable password hashing (SSHA) in openLDAP

Question

How to enable password hashing (SSHA) in openLDAP

In my life I cannot find anywhere, and if anyone could just give me a link, I would be very grateful.

We are trying to enable SSHA hashing in openLDAP. By default, it stores passwords in clear text, which I think is criminal, but, hey, I'm an AD guy, so I know. But you might think that they make it easier to find the information you need to enable hashing if you want to. And do not choose?

+5

passwords hash salt openldap ssha

Sevil natas Jul 31 '12 at 0:30

source share

4 answers

LDAP . , "", - , , .

+2

jeffmedcalf 31 . '12 4:17

OpenLDAP . , , . , . , ldapsearch :

userPassword: {SSHA}d0Q0626PSH9VUld7yWpR0k6BlpQmtczb

. http://www.openldap.org/doc/admin24/security.html.

, http://phpldapadmin.sourceforge.net

+1

anttix 31 . '12 0:37

userPassword / LDAP, userPassword . , ppolicy_hash_cleartext ppolicy OpenLDAP. , , SSHA. - OpenLADP

+1

Asela 26 . '15 7:33

Najmuddin · Accepted Answer · 2012-07-31T19:58:59+0000

You can use "password-hash" to change the hashing algorithm, the default is SSHA (fuzzy text).

, slapd , , , , , .

: pam_ldap, pam_password exop ( clear)

, , , openLDAP touts?

, slapd can not , (ppolicy / ).

:

, ssl/tls ( )
userpassword ({}), base64 -d .

: (:: , base64)

userPassword:: e1NTSEF9QjU0VXNmQWhJN1dQZ3FvbDVSQ1l5RHUzTlVqa1luVVhYV2ljbmc9PQ=
 =

$ echo e1NTSEF9QjU0VXNmQWhJN1dQZ3FvbDVSQ1l5RHUzTlVqa1luVVhYV2ljbmc9PQ==|openssl base64 -d
{SSHA}B54UsfAhI7WPgqol5RCYyDu3NUjkYnUXXWicng==

How to enable password hashing (SSHA) in openLDAP

More articles: