<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
  <title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Brian Jones wrote:
<blockquote cite="mid6e5927ff0507080842534dc7d5@mail.gmail.com"
 type="cite">
  <pre wrap="">Thanks, Kevin. 

Can I make a feature request to whoever sees this that is way better
at Java/C than me to at least make the stored password crypted in
something stronger than rot13?
  </pre>
</blockquote>
What would you suggest?  Note that a determined attacker will be able
to decode anything that could be done without a key, especially since
the source code is available.<br>
<blockquote cite="mid6e5927ff0507080842534dc7d5@mail.gmail.com"
 type="cite">
  <pre wrap="">


On 7/8/05, Kevin Myer <a class="moz-txt-link-rfc2396E" href="mailto:kevin_myer@iu13.org"><kevin_myer@iu13.org></a> wrote:
  </pre>
  <blockquote type="cite">
    <pre wrap=""><a class="moz-txt-link-freetext" href="http://www.redhat.com/docs/manuals/dir-server/ag/intro.htm#39523">http://www.redhat.com/docs/manuals/dir-server/ag/intro.htm#39523</a>

NB:  you trade the ease of startup with a security risk, in that your
keyphrase
is stored in a file cleartext.

Kevin

Quoting Brian Jones <a class="moz-txt-link-rfc2396E" href="mailto:bkjones@gmail.com"><bkjones@gmail.com></a>:

    </pre>
    <blockquote type="cite">
      <pre wrap="">Hi all.

I hit a snag yesterday when I rebooted my directory server box
(running RHEL 4). The problem is that I'm using SSL/TLS, and that
means that every time I restart the directory server I have to provide
the password for the certificate database. Now, I *know* that this
would never stand in a large production environment, so I can only
imagine that I missed some essential piece of documentation on how I
can use SSL/TLS, but not be forced to provide a password every time
the server starts.

Could someone provide a link to the doc that addresses this, or does
someone have some clue they could provide for my feeble brain?

Thanks.

--
Fedora-directory-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a>

      </pre>
    </blockquote>
    <pre wrap="">

--
Kevin M. Myer
Senior Systems Administrator
Lancaster-Lebanon Intermediate Unit 13  <a class="moz-txt-link-freetext" href="http://www.iu13.org">http://www.iu13.org</a>


--
Fedora-directory-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a>

    </pre>
  </blockquote>
  <pre wrap=""><!---->
--
Fedora-directory-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a>
  </pre>
</blockquote>
</body>
</html>