[Fedora-directory-users] MD5 for password hashes

Rich Megginson rmeggins at redhat.com
Thu Jul 7 15:37:09 UTC 2005 

Sam Tran wrote:

>On 7/7/05, Rich Megginson <rmeggins at redhat.com> wrote:
>  
>
>>Sam Tran wrote:
>>
>>    
>>
>>>Hi all,
>>>
>>>I compiled FDS from the latest sources.
>>>
>>>I migrated a user entry from OpenLDAP to FDS as a test. For that user
>>>entry I tried different password hash schemes for the userPassword
>>>attribute and checked if it was successfully migrated to FDS. Here are
>>>the results:
>>>
>>>
>>>      
>>>
>>Did you run this script first -
>>http://www.directory.fedora.redhat.com/download/openLDAP2Fedora.pl - to
>>migrate the data that used MD5 passwords?
>>
>>    
>>
>>>{CRYPT} --> OK
>>>(MD5} --> FAILED
>>>{SMD5} --> FAILED
>>>{MD5CRYPT} --> OK
>>>{SHA} --> OK
>>>{SSHA} --> OK
>>>
>>>I thought that FDS supported MD5 password hash. Did I miss something?
>>>
>>>
>>>      
>>>
>>Not sure.  I would have expected {MD5} to work but not {MD5CRYPT}.  See
>>above.
>>
>>    
>>
>>>Thanks in advance.
>>>
>>>Sam
>>>
>>>      
>>>
>
>You should not need to run this script to do the migration. This
>script just Base64 decodes the userPassword attribute and puts it in
>the form {HASH}xxxxxxxx. FDS apparently understands the Base64 encoded
>version of the password.
>
>For SHA, SSHA, CRYPT and MD5CRYPT I didn't use this script and the
>migration was successful. For MD5 I tried without and with the script:
>it was unsuccessful in both cases.
>  
>
This is really bizarre, because MD5CRYPT should not work at all - it is 
not supported by FDS.  The only thing I can think is that it is 
interpreting the value as clear text.

How did you verify that the migration was successful?

>Sam
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20050707/7add040c/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3312 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20050707/7add040c/attachment.bin>

More information about the Fedora-directory-users mailing list