[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: storing ldap passwords on HSM
Am Mon, 8 Dec 2014 08:13:25 +0000
schrieb "lux-integ" <lux-integ@btconnect.com>:
> Greetings,
>
> I have been searching webpages for guidance on using a smartcard
> ( also know as an HSM ) for storing passwords for an ldap database
> on a linux system.
>
> This would include for instance how would the userPassword
> (attrribute) be specified - i.e. how to specify the
> userPassword to read the PIN/SO- PIN/PUK{whatever} of the
> HSM/smart-card etc etc ??
>
> Any guidance would be much appreciated.
RFC-4513 describes LDAP Authentication Methods. I don't know much about
HSM/smartcards, but if the provided key is a X.509 certificate, than it
would be simple. RFC-4422 describes SASL, if your smatcard provider is
complying with this RFC, than it could be realised.
-Dieter
--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E