[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: {CRYPT} password to {SHA}



Buchan Milne wrote:
Except by brute-forcing, no.

If you think logically about this, you will realise that this should be impossible.

Yes I pretty much figured both answers, was just making sure I didn't overlook something.


The best option here is to change the default password hashing method (see the 'password-hash' directive for slapd.conf), and force password changes (if done via an LDAP password change extended operation, slapd will take care of hashing the password correctly).

How would I force a password change? Currently authentication through LDAP (using pam) is done mainly for email and ssh to a lesser extent.


Regards,
Jeroen