Hello Suomi, Thanks for your answer. Excuse my ignorance I don't know if I understood you correctly. My point in the e-mail (sorry I didn't mention it ;( ) was to be able to modify the password using the passwd command instead of ldapadd/ldapmodify, if I use ldappasswd I have no problem with the encryption of the password. When you say in the ldap config, you mean on server side or on client side? Thanks again, j On 04/12/2011 02:55 PM, fedora wrote: > At this site, we are using LDAP authentication exclusively. In the LDAP > DIT whe have all kinds of hased passwords including crypt, ssh, ssha. In > front of the password hash of the userPassword attribute we indicate the > type of hash used: > > {crypt}/ey2ykUvpobl > {SHA}QwdAWqb3+JCy34khUkrR81af/B > {SSHA}yVvZPg6Pz9WOjEUoLIv2XRpJAQRhzu > > We can auttenticate a user via pam, and the mail-message store > authenticates mail users using the same userPassword attribute. > > The primary hash is indicated in the LDAP config: > olcPasswordHash: {SSHA} > Thus, when we use the LDAP tools (ldapadd, ldapmodify) to add/change > passwords, the hash type is indicated automatically in the userPassword > attribute as explained above. > > suomi > > > On 2011-04-12 10:53, Judith Flo Gaya wrote: >> Hello, >> >> I'm dealing with ldap and after switching to ssha passwords in the >> server side, my clients are no longer able to change them passwords >> without losing access to the server. >> The issue is related to the different hashing methods (server is using >> ssha and clients (f14) are using crypt). >> Is there any way to force the passwd command to generate ssha hashed >> passwords? >> I've trying to do it through the authconfig command but seems that I can't. >> >> On the other side I would like to make the users able to login even if >> the network fails (i.e the ldap server is unreachable), I've read that >> this can be done with nscd but I don't know neither how nor the >> implications that this change will produce. >> >> Thanks a lot for any help in advance, it will be very appreciated, >> j -- Judith Flo Gaya Systems Administrator IMPPC e-mail: jflo@xxxxxxxxx Tel (+34) 93 554-3079 Fax (+34) 93 465-1472 Institut de Medicina Predictiva i Personalitzada del Càncer Crta Can Ruti, Camí de les Escoles s/n 08916 Badalona, Barcelona, Spain http://www.imppc.org -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines