--On Saturday, February 25, 2017 4:31 PM +1300 Andrew Bartlett abartlet@samba.org wrote:

When I asked notable Kiwi security researcher Peter Gutmann on the sidelines of Kiwicon about what to use if I ever imagined a Samba un- shackled from the restrictions of Windows compatibility (the printed conference program poked fun at AD for MD4), he strongly recommended Argon2 as mentioned in the link above.

Either way, I'll follow this thread with interest, as I'm keen to have a password hash in Samba that is both best-of-breed and shared between modern OpenLDAP and Samba, for our administrators who need password sync.

There's actually an argon module that has been submitted for inclusion in OpenLDAP (Via ITS#8575). So we may want to start with that.

--Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com