Re: LDAP breaks kcheckpass when not setuid root (#298148)
On Saturday 05 May 2007 16:13, Peter Samuelson <peter@p12n.org> wrote:
> [Roberto C. Sánchez]
>
> > You mean that the passwords go in the clear?
>
> Yes, unless you are securing the entire LDAP session, using SSL.
Does the pam_ldap module allow you to store the SSL key for the server or
authenticate the server with a certificate?
If not then SSL only stops passive sniffing not a MITM attack.
--
russell@coker.com.au
http://etbe.coker.com.au/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development
Reply to: