LDAP Authentication
Hello,
I have a box running Lenny which I am trying to configure to use LDAP
(as opposed to local) user authentication. Both nss_ldap and pam_ldap
are installed from the current packages. The server it is
authenticating against is a Sun LDAP server which stores passwords as
SHA2 hashes by default. I am not able to get LDAP logins working on
this box, and the problem appears to be that there is no support for
SHA2 passwords in nss_ldap or pam_ldap. Does anyone know if this is
correct? I have tried setting pam_password to 'clear', 'crypt', 'ad',
and 'exop' with no luck. (There does not seem to be any 'sha' or 'sha2'
option.)
If we change the password from SHA2 to a UNIX crypt hash on the server
and set pam_password to 'crypt' in /etc/libnss-ldap.conf, then the LDAP
authentication works correctly.
I haven't had any luck finding answers on Google, and I can't seem to
find much documentation on using nss_ldap or pam_ldap with SHA2. Any
help or suggestions will be greatly appreciated.
Thanks!
Dave
--
Dave Parker
Utica College Department of
Integrated Information Technology Services
Data Processing Office
(315) 792-3229
Registered Linux User #408177