[Fedora-directory-users] MD5 for password hashes
Sam Tran
stlist at gmail.com
Thu Jul 7 15:29:21 UTC 2005
On 7/7/05, Rich Megginson <rmeggins at redhat.com> wrote:
> Sam Tran wrote:
>
> >Hi all,
> >
> >I compiled FDS from the latest sources.
> >
> >I migrated a user entry from OpenLDAP to FDS as a test. For that user
> >entry I tried different password hash schemes for the userPassword
> >attribute and checked if it was successfully migrated to FDS. Here are
> >the results:
> >
> >
> Did you run this script first -
> http://www.directory.fedora.redhat.com/download/openLDAP2Fedora.pl - to
> migrate the data that used MD5 passwords?
>
> >{CRYPT} --> OK
> >(MD5} --> FAILED
> >{SMD5} --> FAILED
> >{MD5CRYPT} --> OK
> >{SHA} --> OK
> >{SSHA} --> OK
> >
> >I thought that FDS supported MD5 password hash. Did I miss something?
> >
> >
> Not sure. I would have expected {MD5} to work but not {MD5CRYPT}. See
> above.
>
> >Thanks in advance.
> >
> >Sam
> >
You should not need to run this script to do the migration. This
script just Base64 decodes the userPassword attribute and puts it in
the form {HASH}xxxxxxxx. FDS apparently understands the Base64 encoded
version of the password.
For SHA, SSHA, CRYPT and MD5CRYPT I didn't use this script and the
migration was successful. For MD5 I tried without and with the script:
it was unsuccessful in both cases.
Sam
More information about the Fedora-directory-users
mailing list