[Fedora-directory-users] SSHA Password hash function
Radek Hladik
radek at eadresa.cz
Sun Sep 10 13:02:31 UTC 2006
Mike Jackson napsal(a):
> Radek Hladik wrote:
>> Hi all,
>> I'm trying to get working SSHA password generation in JavaScript. I've
>> found interesting topic which I want to ask about.
>
>
> You don't need to generate password hashes externally, the server will
> do it for you.
>
> Enable SSHA password hashing in the server, and modify the userPassword
> attribute with a plaintext value via SSL for transport security. The
> server will hash the userPassword value for you. Or you could use the
> password modify extended operation...
Thanks, I didn't know about this possibility. But I would like to also
provide the user with option to verify the hash. And password not
leaving the client computer is good bonus too. However the code is
working now, only some salt lengths cause troubles. And it is also not
good that slapd crashes with the incorrect hash (yes, I've filed that as
bug 205907 :-) ).
Radek
More information about the Fedora-directory-users
mailing list