SSHA Seed?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



That sounds reasonable; but it doesn't appear to work.  Let me go into 
the details a little more:

   1. FDS + Samba3 on one server with user's passwords stored as SSHA
      Hashed values.
   2. New OpenLDAP install on a different server (used by other services
      on that machine, and no they won't play nice w/ external ldap
      server); this server is also setup (already) to store passwords
      using SSHA.
   3. We want to copy the hashed password value from FDS and put in it
      into the OpenLDAP server as the userPassword attribute for the
      users; however the other server is using a different sha seed,
      therefore when it tries to compare the value entered by the user
      to the stored value it fails (as it is using its own seed to
      re-hash the password and do the comparison).

So that's where we stand.  Currently have been told to simply set all 
users in the OpenLDAP to a default value and make them reset their 
passwords on that server if they want to.


Mike Jackson wrote:
> Robert r. Sanders wrote:
>> Yeah, but what I want to do is copy the HASH from one server to the 
>> other.
>>
>>
>
> In that case, you don't need to do anything.
>
> If you have FDS set to do hashing in SSHA, and you send a cleartext 
> string as a userPassword modify, then FDS SSHA hashes it for you.
>
> If you send a string prefixed with {SSHA} as a userPassword modify, 
> FDS does not hash it for you.
>
> -- 
> mike
>
> -- 
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

-- 
    Robert r. Sanders
    Chief Technologist
    iPOV
    (334) 821-5412
    www.ipov.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20060525/d53d0f7e/attachment.html 


[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux