[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: syncrepl without cleartext password.

To: Prakash Padadune <prakash.padadune@gmail.com>, openldap-technical@openldap.org
Subject: Re: syncrepl without cleartext password.
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 27 Oct 2015 10:53:01 +0100
In-reply-to: <CAMhj=fFj3s61k336amvAeNveo-Z3ue-kZmEOkYDqCZjz3-Ng9A@mail.gmail.com>
References: <CAMhj=fFj3s61k336amvAeNveo-Z3ue-kZmEOkYDqCZjz3-Ng9A@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:41.0) Gecko/20100101 SeaMonkey/2.38

Prakash Padadune wrote:
> I want to implement syncrepl without having cleartext password in the
> slapd.conf.
> How this can be achieved?

Use TLS with client certs and SASL/EXTERNAL. Of course this needs key files in
clear-text on the disk if you want to start slapd unattended.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- syncrepl without cleartext password.
  - From: Prakash Padadune <prakash.padadune@gmail.com>

Prev by Date: syncrepl without cleartext password.
Next by Date: Re: Atribute Tags [was: multi-value attribute virtual view of single attribute]
Index(es):
- Chronological
- Thread