[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: md5 hashing on passwords?

> My shadow file has a password entry like this:  
> 	:$1$s6cSJvNT$PSJJzm/IaL/LnbJJr0qc..:
> Which if I'm understanding correctly, is supposed to be
> MD5 because of the $1$ in the salt portion...?  What I'm
> trying to do is put MD5 passwords in my LDAP directory,
> but I can't find a true MD5 password.

If you put this type of has into LDAP, you need to do it this way:

userPassword: {crypt}$1$s6cSJvNT$PSJJzm/IaL/LnbJJr0qc..

Simply because this is generated and understood by the crypt() function.
If you want md5 in LDAP's native format, you'll have to use some other
function to generate it. IMO, the above is perfectly suitable, and is what
I use in my LDAP setup (especially since it conforms to my local shadow
configuration, it is easier to convert between the two systems, via an
export function).


/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins@debian.org  --  bcollins@openldap.org  --  bcollins@linux.com  '

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []