[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Storing 'userPassword' encrypted via server settings.



don@swbe.com wrote:

I've been wowrking towards setting up several HPUX servers to authenticate off
of openldap. So far I've got the appropriate schema added so that I can run
through the ldapux setup without problems and hook nss and pam into ldap. Authentication works, but when changing my password via the HPUX passwd command
it stores the password in clear text on the openldap server. I found this note
from 1999 and wondered if there has been any progress.


http://www.openldap.org/lists/openldap-bugs/199910/msg00018.html

Is it possible to change core.schema's attribute type for 'userPassword' to
accomplish server based encryption?

In case it matters I'm running HPUX 11i with LdapUxClient B.03.10

What's with password-hash in slapd.conf ('man slapd.conf', Openldap 2.1.23)? Me for cleartext anyway, for *-MD5 AUTH.


--Tonni

--
Tony Earnshaw

Do not CC me or your mail will probably be rejected.
I don't like this, either. Blame it on Swen and a slow
Internet connection.

http://www.billy.demon.nl
Mail: billy-at-billy.demon.nl