[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Authentication for a script?



tir, 2003-02-04 kl. 17:09 skrev Erik Williamson:

> So, for the script to work, it needs to bind as the root DN.  And
> there's no way that people will be comfortable with us having the root
> password embedded in a script on every host (Well, mode 0700 might be
> okay, but...)!  I'm new with SASL, TLS & certificates - is there a way
> to use these to get around this?

There's no reason you shouldn't do it with, f. ex. SASL DIGEST-MD5. In
which case, the userPassword would be kept on a central DSA, right
enough in cleartext, if you don't have any problems with that. Then
there's Kerberos etc.

Look back at the archives for last Friday for the DIGEST-MD5
alternative.

Best,

Tony

-- 

Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl