> On Fri, May 04, 2007 at 11:51:02PM +0200, Petter Reinholdtsen wrote: > > Actually, you got it backwards, as explained above. pam-ldap isn't > > using the password hash to check the password. It is passing the > > password over to the LDAP server (using an LDAP bind), and letting the > > LDAP server decide if the password is correct or not. [Roberto C. Sánchez] > You mean that the passwords go in the clear? Yes, unless you are securing the entire LDAP session, using SSL.
Description: Digital signature