[Date Prev][Date Next] [Chronological] [Thread] [Top]

When/why use slappasswd or any password digests

To: openldap list <openldap-software@OpenLDAP.org>
Subject: When/why use slappasswd or any password digests
From: Thomas Gagné <tgagne@wideopenwest.com>
Date: Wed, 24 Mar 2004 11:05:35 -0500
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040113

I'm trying to understand the role encrypted passwords play in OpenLDAP. I thought they were an alternative way to exchange passwords. Instead of sending them in the clear during ldap_bind_s() I thought I could supply one of the HASHs--but this doesn't seem to work.

To use SSHA encryption am I supposed to first create an SSHA digest of my password to use in ldap_passwd_s()?

I've tried changing the password to something I got from slappasswd then signing back in using the same password but a different digest (as SSHA is supposed to do) but I get Invalid Credentials.

Are the digests something used strictly for storing the passwords? Is there any way/reason to use the digests?

--
.tom
remove email address' dashes for replies
opensource middleware at <http://isectd.sourceforge.net>
<http://gagne.homedns.org/~tgagne/>

Follow-Ups:
- Re: When/why use slappasswd or any password digests
  - From: Tony Earnshaw <tonye@billy.demon.nl>
- Re: When/why use slappasswd or any password digests
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: search / add operations suddenly became hopelessly slow
Next by Date: Re: How to confirm --enable-local
Index(es):
- Chronological
- Thread