[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
SSHA hash are stores as '{ssha}......' and '{SSHA}......'
- To: openldap-technical@openldap.org
- Subject: SSHA hash are stores as '{ssha}......' and '{SSHA}......'
- From: Matthias Apitz <guru@unixarea.de>
- Date: Tue, 29 Sep 2015 09:03:47 +0200
- Content-disposition: inline
- User-agent: Mutt/1.5.23 (2014-03-12)
Hello,
We are authenticating from some Java written software against an
OpenLDAP system by reading the users 'userPassword' LDAP attribute,
calculating the clear text password against the SSHA hash string.
It turned out that some (a few number) of these hash are stored in the
form:
userPassword:: e3NzaGF9R2tSOU91SGhOakFoZzBWeVNtY0JHRUE5b2NMVU5GZWZnY0VaMXc9PQ==
which decodes to:
$ echo 'e3NzaGF9R2tSOU91SGhOakFoZzBWeVNtY0JHRUE5b2NMVU5GZWZnY0VaMXc9PQ==' | openssl base64 -d
{ssha}GkR9OuHhNjAhg0VySmcBGEA9ocLUNFefgcEZ1w==
i.e. with SSHA in small letters. It's only 1 of thousand users having
the tag as '{ssha}'.
Why is this?
Thanks
matthias
--
Matthias Apitz, ✉ guru@unixarea.de, 🌐 http://www.unixarea.de/ ☎ +49-176-38902045
No! Nein! ¡No! Όχι! -- Ευχαριστούμε!