ldap passwords (want not in clear)

To: debian-user@lists.debian.org
Subject: ldap passwords (want not in clear)
From: Alan Chandler <alan@chandlerfamily.org.uk>
Date: Wed, 23 Apr 2003 07:45:36 +0100
Message-id: <[🔎] 200304230745.36639.alan@chandlerfamily.org.uk>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Checking with ethereal, I can see that my ldap clients (ldapsearch or gq) are 
sending bind requests with the password as clear text.  The data in the ldap 
database for these passwords is set as using {crypt}.

Nevertheless, if I put in a "wrong" password, it does seem to get rejected but 
a correct one does not.

With ethereal I can see that the reply that comes back saying success also has 
a field with bind dn = ""  and  I think this implies something.  This is 
because I am getting access problems when binding as the ldap administrator 
in that I cannot update the passwords despite having apparent access rights 
to write to the whole database.

Whats happening here - how should I arrange things so that the passwords do 
not get transmitted in the clear and how can I be sure I am binding as 
administrator?


- -- 
Alan Chandler
alan@chandlerfamily.org.uk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+pjaQuFHxcV2FFoIRAkHGAKCoZCsawHbwvhdYiGzb0PmmkvYMPgCffkvB
QlxsKbEhSgzLSulh8h+uWiI=
=05Ln
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: ldap passwords (want not in clear)
  - From: Dave Carrigan <dave@rudedog.org>

Prev by Date: Re: Query: what's best low-profile WWW gui-UA for Debian?
Next by Date: Re: How to connect UBS Camera
Previous by thread: laptop network configuration
Next by thread: Re: ldap passwords (want not in clear)
Index(es):
- Date
- Thread