Pam LDAP - Is It Possible To Encrypt Bindpw?

Thorsten Kukuk kukuk at suse.de
Wed Jul 9 14:28:12 UTC 2008


On Wed, Jul 09, Bobby Cox wrote:

> Hello All,
> 
> If this is not the correct list please excuse me, and would you please direct me to the appropriate place.  If this is the right place, here is my question:
> 
> Is it possible to encrypt bindpw in ldap.conf?   We currently do not allow anonymous bind and would rather not leave the bindpw in clear text if at all possible.

If you encrypt it in ldap.conf, you need to store the key somewhere.
This only makes it more complicated for an attacker, but will not
solve your problem.

  Thorsten
-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)




More information about the Pam-list mailing list