Re: ldap re-creating database

To: <debian-user@lists.debian.org>
Subject: Re: ldap re-creating database
From: "nate" <debian-user@aphroland.org>
Date: Mon, 18 Nov 2002 11:44:45 -0800 (PST)
Message-id: <[🔎] 17545.216.39.174.24.1037648685.squirrel@webmail.linuxpowered.net>
In-reply-to: <[🔎] 20021118152621.GA18069@dman.ddts.net>
References: <[🔎] 20021118062446.GC12271@shark> <[🔎] 23973.216.39.174.24.1037603516.squirrel@webmail.linuxpowered.net> <[🔎] 20021118152621.GA18069@dman.ddts.net>

Derrick dman Hudson said:

> SSHA is Salted SHA.  The difference between SSHA and SHA is the salt used
> in the beginning (which is also why you can get different values out for
> the same input, which makes it harder to crack).  I think
> SSHA is what openldap tends to use when you set a password field.

ahh ok

>
> However, in the slapd.conf file I think it is supposed to be
> plain-text.  So either change that line to read rootpw  password or type
> in '{SSHA}JuaWFhw+AXDgppTgOJPtpZARL1PpWRoj' as the password.
> When I set up openldap it was a plain-text entry in the config file.

it can be encrypted too, but you need to specify the encryption type

e.g.

password-hash   {MD5}
rootpw          {MD5}2hpVc0nyXGQbGjaK9bIYpw==

at least it works for MD5, never tried SHA or SSHA

nate

Reply to:

References:
- Re: ldap re-creating database
  - From: mdevin <mdevin@ozemail.com.au>
- Re: ldap re-creating database
  - From: "nate" <debian-user@aphroland.org>
- Re: ldap re-creating database
  - From: Derrick 'dman' Hudson <dman@dman.ddts.net>

Prev by Date: Upgrade from potato to woody?
Next by Date: Re: why does it look at xdm and kdm while shutting down?
Previous by thread: Re: ldap re-creating database
Next by thread: wtmp and setuid gone mad..
Index(es):
- Date
- Thread