<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Brian Jones wrote:
<blockquote cite="mid6e5927ff0507080842534dc7d5@mail.gmail.com"
type="cite">
<pre wrap="">Thanks, Kevin.
Can I make a feature request to whoever sees this that is way better
at Java/C than me to at least make the stored password crypted in
something stronger than rot13?
</pre>
</blockquote>
What would you suggest? Note that a determined attacker will be able
to decode anything that could be done without a key, especially since
the source code is available.<br>
<blockquote cite="mid6e5927ff0507080842534dc7d5@mail.gmail.com"
type="cite">
<pre wrap="">
On 7/8/05, Kevin Myer <a class="moz-txt-link-rfc2396E" href="mailto:kevin_myer@iu13.org"><kevin_myer@iu13.org></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap=""><a class="moz-txt-link-freetext" href="http://www.redhat.com/docs/manuals/dir-server/ag/intro.htm#39523">http://www.redhat.com/docs/manuals/dir-server/ag/intro.htm#39523</a>
NB: you trade the ease of startup with a security risk, in that your
keyphrase
is stored in a file cleartext.
Kevin
Quoting Brian Jones <a class="moz-txt-link-rfc2396E" href="mailto:bkjones@gmail.com"><bkjones@gmail.com></a>:
</pre>
<blockquote type="cite">
<pre wrap="">Hi all.
I hit a snag yesterday when I rebooted my directory server box
(running RHEL 4). The problem is that I'm using SSL/TLS, and that
means that every time I restart the directory server I have to provide
the password for the certificate database. Now, I *know* that this
would never stand in a large production environment, so I can only
imagine that I missed some essential piece of documentation on how I
can use SSL/TLS, but not be forced to provide a password every time
the server starts.
Could someone provide a link to the doc that addresses this, or does
someone have some clue they could provide for my feeble brain?
Thanks.
--
Fedora-directory-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a>
</pre>
</blockquote>
<pre wrap="">
--
Kevin M. Myer
Senior Systems Administrator
Lancaster-Lebanon Intermediate Unit 13 <a class="moz-txt-link-freetext" href="http://www.iu13.org">http://www.iu13.org</a>
--
Fedora-directory-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a>
</pre>
</blockquote>
<pre wrap=""><!---->
--
Fedora-directory-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/fedora-directory-users">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a>
</pre>
</blockquote>
</body>
</html>