[Fedora-directory-users] How to change password storage method?
Pete Rowley
prowley at redhat.com
Thu Mar 29 18:45:56 UTC 2007
Andy Schofield wrote:
> However, a hashed password is better than nothing surely. Even NIS
> didn't sent passwords in the clear.
>
Not from the DS point of view - if it accepts a hashed password in the
bind then that is equivalent to the original password, so nothing is
really achieved. It /may/ delay the ability of an attacker to log in to
a machine using LDAP as the authentication mechanism, but md5 has known
vulnerabilities in that regard and cannot be recommended.
--
Pete
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070329/0c389497/attachment.bin>
More information about the Fedora-directory-users
mailing list