[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: about passwords



On Fri, 11 May 2001, Kevin J. Menard, Jr. wrote:

> Heya fellas,
>
>      Encrypting a password seems like a sound logical idea to me.  But
>      there do not appear to be any password tools for LDAP that I have
>      seen.  So, if I just wrote a program that calculated the MD5 hash
>      of a password and salt pair, and then stored that in my directory
>      as {crypt}$hash, would that be okay?  And when I authenticate
>      against that, do I authenticate in clear text, or can I create
>      another MD5 hash of the same password (with a more than likely
>      different salt), and authenticate against that?

See slappasswd(8c).  Hope this helps.






jerry


----------------------------------------------------------------------
   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com/  VA Linux Systems   gcarter@valinux.com
       http://www.samba.org/       SAMBA Team          jerry@samba.org
       http://www.plainjoe.org/                     jerry@plainjoe.org

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )