Pam LDAP - Is It Possible To Encrypt Bindpw?
Bobby Cox
Bobby.Cox at presage-tech.com
Wed Jul 9 14:37:52 UTC 2008
Thorsten,
Thank you for your reply. Would you happen to know the syntax necessary to accomplish this or a link to a doc? In our case a small deterrent is better then none.
Regards,
Bobby Cox
________________________________________
From: pam-list-bounces at redhat.com [pam-list-bounces at redhat.com] On Behalf Of Thorsten Kukuk [kukuk at suse.de]
Sent: Wednesday, July 09, 2008 9:28 AM
To: pam-list at redhat.com
Subject: Re: Pam LDAP - Is It Possible To Encrypt Bindpw?
On Wed, Jul 09, Bobby Cox wrote:
> Hello All,
>
> If this is not the correct list please excuse me, and would you please direct me to the appropriate place. If this is the right place, here is my question:
>
> Is it possible to encrypt bindpw in ldap.conf? We currently do not allow anonymous bind and would rather not leave the bindpw in clear text if at all possible.
If you encrypt it in ldap.conf, you need to store the key somewhere.
This only makes it more complicated for an attacker, but will not
solve your problem.
Thorsten
--
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)
_______________________________________________
Pam-list mailing list
Pam-list at redhat.com
https://www.redhat.com/mailman/listinfo/pam-list
More information about the Pam-list
mailing list