[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: problem with cleartext password setup
On Tuesday 05 February 2008 14:14:35 Pat Riehecky imposed structure on a
stream of electrons, yielding:
> My reading the archives has lead me to believe that DIGEST-MD5 will
> require me to store passwords in cleartext. To evaluate the usefulness
> of this at my site (little point in storing them cleartext if nothing
> can use DIGEST-MD5) I have setup a test server, but the password keeps
> getting hashed
>
> I have added password-hash {CLEARTEXT} to my slapd.conf (which gave me
> password-hash {CLEARTEXT},{SSHA},{SMD5},{CRYPT}). That didn't do it, so
> I went for just password-hash {CLEARTEXT}. That also keeps getting my
> passwords hashed.
>
> Strangely they are not prefixed with the {HASHTYPE}.
>
> When I run
> ldappasswd -H ldapi:/// -D "cn=testuser,dc=iwu,dc=edu" -w Please -x -s
> please
>
> In LDAP I get
>
> userPassword:: cGxlYXNl
>
Why do you think it's hashed? :
% echo cGxlYXNl | openssl base64 -d | cat
please
It's cleartext, just base64 encoded.
Karsten.
--
Those who in quarrels interpose, must often wipe a bloody nose.