We will be using OpenLDAP with TLS, and also plan to use OpenLDAP replication.
I would like to keep plain text passwords out of config files. We are using the '{SSHA}' configuration option for the 'rootdn' configuration variable. Is there something similar that I can use for the replication 'credentials'?
I considered using SASL, but SASL passwords are stored in plain text in the SASL password database, so that would just move the problem to a different file.
I unsuccessfully tried using the '{SSHA}' configuration option for the replication 'credentials'.
Is there a way to hash or encrypt the replication credentials without using SASL?
Thanks in advance for any replies,
Mark