[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slappasswd question



Andrew Kay wrote:
Greg,

According to

http://www.openldap.org/devel/cvsweb.cgi/~checkout~/libraries/liblutil/passwd.c?rev=1.105&hideattic=1&sortbydate=0

The actual definition of SSHA comes from Netscape. You can get some info in the FAQ.
http://www.openldap.org/faq/index.cgi?file=347

the salt is 4 bytes long. You don't specify a salt, a salt is randomly generated when your password is hashed.

Pretty standard practice for password hashing. (E.g., old Unix crypt uses a two character salt.)


--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/