Re: Directory enabled distribution
On Thu, Mar 11, 1999 at 08:41:57AM +1100, Brian May wrote:
> Does LDAP support secure transmission of passwords, or would this require
> an additional protocol like Kerberos?
>
> Does LDAP support encryption?
In OpenLDAP's current form, no. However, there is work to suport the TSL
(SSLeay/OpenSSL) protocol, but I'm not sure how far off this will be
before it is complete.
OpenLDAP already supports kerberos for authentication as a compile time
option. It does not seem to take advantage of kerberos's encrypted
sessions.
However, the passwords as stored in the LDAP database are encrypted
with crypt()'s DES or MD5 algorithm (Debian's version of pam_ldap takes
advantage of both).
--
----- -- - -------- --------- ---- ------- ----- - - --- --------
Ben Collins <b.m.collins@larc.nasa.gov> Debian GNU/Linux
OpenLDAP Core - bcollins@openldap.org bcollins@debian.org
UnixGroup Admin - Jordan Systems The Choice of the GNU Generation
------ -- ----- - - ------- ------- -- ---- - -------- - --- ---- - --
Reply to: