On Tuesday 05 February 2008 14:14:35 Pat Riehecky imposed structure on a stream of electrons, yielding:
My reading the archives has lead me to believe that DIGEST-MD5 will require me to store passwords in cleartext. To evaluate the usefulness of this at my site (little point in storing them cleartext if nothing can use DIGEST-MD5) I have setup a test server, but the password keeps getting hashed
I have added password-hash {CLEARTEXT} to my slapd.conf (which gave me password-hash {CLEARTEXT},{SSHA},{SMD5},{CRYPT}). That didn't do it, so I went for just password-hash {CLEARTEXT}. That also keeps getting my passwords hashed.
Strangely they are not prefixed with the {HASHTYPE}.
When I run ldappasswd -H ldapi:/// -D "cn=testuser,dc=iwu,dc=edu" -w Please -x -s please
In LDAP I get
userPassword:: cGxlYXNl
Why do you think it's hashed? :
% echo cGxlYXNl | openssl base64 -d | cat please
It's cleartext, just base64 encoded.
Karsten.