Re: SSHA Encryption

[Daniel Merino <daniel.merino@unavarra.es>]

Thank you for the advice, but I remember that time ago I modified a 
record and if I writed {crypt} before the password, then automatically 
it was added encrypted. That's what I'm looking for.

I can't use ldappasswd, because I'm just trying to do this for aplying 
it after to the Novell LDAP Library for Java, and they change the 
password with a modification (delete & add), but they don't talk nothing 
about encryption, so I think that could be a LDAP matter.

I'm really lost...
Thank you.

Howard Chu wrote:

> Daniel Merino wrote:
>
> > Hi all.
> >
> > I have LDAP records with their userPassword field encrypted with 
> > SSHA. When I do a ldapsearch, I receive something like this:
> >
> > userpassword={SSHA}cYH1lop+FfWT5Ttua1h8P7x/xEZePQsLP2KIaA==
> >
> > But when I do a ldapmodify, delete the old password and add the new, 
> > i.e.:
> >
> > add: userpassword
> > userpassword: 828f656
> > -
> >
> > I change the password, but it doesn't encrypt it and the next 
> > ldapsearch that I do shows this field in plain text.
>
>
> That is the way ldapmodify works. Use ldappasswd to change passwords.

--
Daniel Merino
daniel.merino@unavarra.es
Tfno: 948-168951 - Sección de Gestión
Servicio Informático - Universidad Pública de Navarra.