[Fedora-directory-users] How to change password storage method?
Pete Rowley
prowley at redhat.com
Thu Mar 29 17:38:05 UTC 2007
Andy Schofield wrote:
>> My real problem is that clients are broadcasting passwords in the
>> clear (despite pam being told to use md5 with ldap). I am assuming
>> that is because the ldap server is using SSHA and pam is using md5 so
>> they negotiate to send passwords in the clear. Does that sound right?
>>
>
> However - it has not solved this problem. The password is still being
> sent in the clear. I have /etc/ldap.conf including the line:
>
What you need is not a hashed password sent over the wire (which
achieves very little) but an encrypted transport using SSL, or SASL and
kerberos.
--
Pete
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070329/f6fd6b62/attachment.bin>
More information about the Fedora-directory-users
mailing list