[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slappasswd question

To: Andrew Kay <andrewjkay@gmail.com>
Subject: Re: slappasswd question
From: Howard Chu <hyc@symas.com>
Date: Mon, 01 Jan 2007 08:17:19 -0800
Cc: openldap-software@openldap.org, greg.martin18@verizon.net
In-reply-to: <d5ec60970701010440h567f81c8p9e6d35f65e46355@mail.gmail.com>
References: <45973C9A.8030605@gmartin.org> <d5ec60970612310504v34b49058pbac416d94bebceb5@mail.gmail.com> <4597F415.9090807@gmartin.org> <d5ec60970701010440h567f81c8p9e6d35f65e46355@mail.gmail.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20061216 Netscape/7.2 (ax) Firefox/1.5 SeaMonkey/1.5a

Andrew Kay wrote:

Greg,
According to
http://www.openldap.org/devel/cvsweb.cgi/~checkout~/libraries/liblutil/passwd.c?rev=1.105&hideattic=1&sortbydate=0

The actual definition of SSHA comes from Netscape. You can get some info in the FAQ. http://www.openldap.org/faq/index.cgi?file=347


the salt is 4 bytes long.  You don't specify a salt, a salt is
randomly generated when your password is hashed.

Pretty standard practice for password hashing. (E.g., old Unix crypt uses a two character salt.)

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/

References:
- Re: slappasswd question
  - From: "Andrew Kay" <andrewjkay@gmail.com>

Prev by Date: Re: slappasswd question
Next by Date: Porting to Sun Galaxy
Index(es):
- Chronological
- Thread