build slapd-sha2 module for strong passwords
Bug #1347954 reported by
Adrian Bridgett
This bug report is a duplicate of:
Bug #1033096: request to have sha2 module in contrib included in package.
Edit
Remove
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openldap (Debian) |
Confirmed
|
Unknown
|
|||
openldap (Ubuntu) |
Triaged
|
Undecided
|
Unassigned |
Bug Description
out of the box, the strongest password encryption supported is SSHA (seeded SHA-1) which isn't really very good these days.
The best answer appears to be to compile up the contrib/slapd-sha2 module.
https:/
Changed in openldap (Debian): | |
status: | Unknown → Fix Committed |
Changed in openldap (Ubuntu): | |
status: | New → Triaged |
Changed in openldap (Debian): | |
status: | Fix Committed → Confirmed |
To post a comment you must log in.
This is pending for the Debian package and will eventually get merged into Ubuntu. If you use cn=config, note that setting olcPasswordHash to a scheme provided by a module will prevent slapd from starting, since cn=module is processed later; this is unfixed upstream.
Until pw-sha2 lands, you may want to look into {CRYPT}.