[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: migrating MD5 shadowed passwords



Question then:

I'm using Sun's Java E-Commerce packages to MD5 encode plaintext passwords.
{MD5} works currently; however, should I be using {crypt} or {md5} for
these?  Just wondering, in case the ability to read MD5 passwords using the
{crypt} label is a non-standard feature of OpenLDAP that may be removed from
future versions, or indeed if the {md5} tag will be done away with
altogether.

Cheers,
D.

Dan Makovec
e-mail  dan@fatcanary.com.au <mailto:dan@fatcanary.com.au>
ICQ     1398090
Every day is a gift, that's why the present is so named





> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Luke Howard
> Sent: Tuesday, 22 February 2000 22:56
> To: vek@pharmapartners.nl
> Cc: openldap-software@OpenLDAP.org
> Subject: Re: migrating MD5 shadowed passwords
>
>
>
> >Ldap does support {md5} passwords in addition to {crypt} but if it uses
> >the exact same algorith as the new passord with MD5 I can't say.
>
> I believe the answer is "no" thus you should use {crypt} for libc
> MD5 passwords.
>
> Confusing, eh..
>
>
> -- Luke
>
> --
> Luke Howard
> PADL Software Pty Ltd
> http://www.padl.com
>