[Freeipa-users] Where and how are passwords stored?
Brad House
brad at monetra.com
Thu Feb 12 16:05:15 UTC 2015
On 02/12/2015 10:48 AM, Simo Sorce wrote:
> On Thu, 2015-02-12 at 07:38 -0800, Michael Lasevich wrote:
>> Thank you, this is very helpful. I forgot about 'super admin', which is why
>> I was not even seeing the values before. :-)
>>
>> How are the the values encrypted (or hashed?)
>>
>> It sounds like the password is stored in two fields(I am leaving samba out
>> for now) - userpassword andkerberos principle key.
>
>> Is userpassword a hash?
>
> Yes.
>
>> Of so, what kind?
>
> Configurable, by default salted sha256 IIRC.
Out of curiousity, where is this configurable? Also, is it using it in
conjunction with something like PBKDF2? I'd love to know more info on this
as we might want to increase the defaults ourselves.
Thanks!
-Brad
More information about the Freeipa-users
mailing list