[Fedora-directory-users] mandating SSL-only connections
Susan
logastellus at yahoo.com
Thu Jan 5 19:02:52 UTC 2006
--- Richard Megginson <rmeggins at redhat.com> wrote:
> If you are using ldapsearch -ZZ:
> -Z[Z] Issue StartTLS (Transport Layer Security) extended operation. If
> you use -ZZ, the command will require the operation to be suc-
> cessful. And if it is successful, the connection should be encrypted from >that point on, and
you should not see any clear text. You can verify this by
yes, I put the nssldap_port back to 389. Now ldapsearch -x -ZZ returns encrypted data, that's
fine. However, when I ssh to a client, THAT LDAP traffic is not encrypted, I can see my password
in clear text in ethereal. That's the problem.
__________________________________________
Yahoo! DSL – Something to write home about.
Just $16.99/mo. or less.
dsl.yahoo.com
More information about the Fedora-directory-users
mailing list