[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap support SHA-256 or SHA-3.





--On Tuesday, January 7, 2020 11:52 AM -0800 rammohan ganapavarapu <rammohanganap@gmail.com> wrote:


Quanah,


Thanks for the quick reply, is there any plans to make SSHA512 default?

No.  As I said, SHA1 is mandated by RFC.

also is there any migration steps to move from SHA-1 to SSHA512 ?

After deploying the sha2 module, all users must change their password so the hash gets updated. There is no way to magically convert existing hashes from SSHA1 to another scheme.

--Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>