dn: olcDatabase={-1}frontend,cn=config | |
replace: olcPasswordHash | |
olcPasswordHash: SSHA512 | |
EOF |
--On Tuesday, January 7, 2020 11:52 AM -0800 rammohan ganapavarapu
<rammohanganap@gmail.com> wrote:
>
> Quanah,
>
>
> Thanks for the quick reply, is there any plans to make SSHA512 default?
No. As I said, SHA1 is mandated by RFC.
> also is there any migration steps to move from SHA-1 to SSHA512 ?
After deploying the sha2 module, all users must change their password so
the hash gets updated. There is no way to magically convert existing
hashes from SSHA1 to another scheme.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>