I actually read the manpage this time on password-crypt-salt-format but still have some questions. It seems that only one salt format can be specified at a time but I'm wondering about the salt itself. A user can never specify what the salt string will be since the 2nd paragraph of that setting's description states the conversion will be substituted with a string of random characters, is that correct? And after reading the crypt(3) manpage it seems that the salt only applies to {CRYPT} passwords so that means it won't work (or be used) for SHA passwords (making them SSHA). Is that correct? I would guess it isn't correct based on the next paragraph.
The manpage states the default hash is SSHA (although I recently found out that on Debian with OpenLDAP 2.2.30 cleartext is the default) so I guess the salts do work with SHA to make SSHA passwords. If that is the case how does one have control over whether a salted or unsalted password is created if programmatically modifying a password by using the LDAP password extension or some other API? Is it a matter of either having salted or unsalted passwords (but not both at the same time) depending on whether the password-crypt-salt-format setting is configured?
One last question, if a salt is used with MD5 for example, is the password's hash prefixed with {SMD5} or is {MD5} still used?
All these hashes are confusing so I'm trying to get things clear in my head.
thanks
Brandon McCombs wrote:
I actually read the manpage this time on password-crypt-salt-format but still have some questions. It seems that only one salt format can be
One last question, if a salt is used with MD5 for example, is the password's hash prefixed with {SMD5} or is {MD5} still used?
All these hashes are confusing so I'm trying to get things clear in my head.
No. No salt is used with MD5 or SHA. The salt that is used with SMD5 or SSHA is generated randomly. The password-crypt-salt-format only applies to crypt, just as it's documented.
Howard Chu wrote:
Brandon McCombs wrote:
I actually read the manpage this time on password-crypt-salt-format but still have some questions. It seems that only one salt format can be
One last question, if a salt is used with MD5 for example, is the password's hash prefixed with {SMD5} or is {MD5} still used?
All these hashes are confusing so I'm trying to get things clear in my head.
No. No salt is used with MD5 or SHA. The salt that is used with SMD5 or SSHA is generated randomly. The password-crypt-salt-format only applies to crypt, just as it's documented.
That doesn't seem to answer all my questions. I realize no salt is used with MD5/SHA, otherwise they would be SMD5 and SSHA. And I realize the salt used is generated randomly. The question is how does a person choose to use a salt or not use a salt if they have no control over what the salt is? What determines whether a salt is applied? If a salt is specified on the conf file then it applies to everyone and no one can choose *not* to use it, is that correct? If so then if they want to use MD5 or SMD5, what do they need to do differently for each in order for the password to be stored correctly? If I'm calculating the hash for them to store the hashed password using an API, then I need to know what I need to do about the salt (so far it seems nothing) but I also need to know whether it even makes sense to give them the option of making salted or unsalted hashes or if the server is going to control all that anyway.
thanks
Brandon McCombs wrote:
Howard Chu wrote:
Brandon McCombs wrote:
I actually read the manpage this time on password-crypt-salt-format but still have some questions. It seems that only one salt format can be
One last question, if a salt is used with MD5 for example, is the password's hash prefixed with {SMD5} or is {MD5} still used?
All these hashes are confusing so I'm trying to get things clear in my head.
No. No salt is used with MD5 or SHA. The salt that is used with SMD5 or SSHA is generated randomly. The password-crypt-salt-format only applies to crypt, just as it's documented.
That doesn't seem to answer all my questions. I realize no salt is used with MD5/SHA, otherwise they would be SMD5 and SSHA. And I realize the salt used is generated randomly. The question is how does a person choose to use a salt or not use a salt if they have no control over what the salt is?
They don't.
What determines whether a salt is applied?
Whether the configured hash uses a salt or not.
If a salt is specified on the conf file then it applies to everyone and no one can choose *not* to use it, is that correct?
You don't specify a salt in the slapd.conf file. You *can* specify a *format* for a salt *for the crypt mechanism* but that's all. If the crypt hash isn't being used, then all of this is irrelevant.
If so then if they want to use MD5 or SMD5, what do they need to do differently for each in order for the password to be stored correctly?
Nothing.
If I'm calculating the hash for them to store the hashed password using an API, then I need to know what I need to do about the salt (so far it seems nothing) but I also need to know whether it even makes sense to give them the option of making salted or unsalted hashes or if the server is going to control all that anyway.
The server controls all of that, you shouldn't be computing any hashes in client side code. The PasswordModify exop takes a plaintext password as input; all hashing is done on the server.
Brandon McCombs writes:
The question is how does a person choose to use a salt or not use a salt if they have no control over what the salt is?
If he uses the Password Modify extended operation, slapd will hash the password for him, with the hash method specified by password-hash in slapd.conf.
If he wants to control exactly how some password is hashed, he can generate the hashed password himself (with the appropriate {hashmethod} prefix) and use the LDAP Add or Modify operation to store it in attribute userPassword. As the slapd.conf(5) man page says (under password-hash).
What determines whether a salt is applied?
For Password Modify: A salt is generated if the specified method needs a salt.
If a salt is specified on the conf file
*a* salt? With the password-crypt-salt-format keyword? You do not intend to use a salted method only to reduce security by using the same salt for everyone, I hope.
then it applies to everyone and no one can choose *not* to use it, is that correct?
Not if they use Password Modify. If they use Modify, they can use something else.
openldap-software@openldap.org
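The thread's answer is that the {SHA}/{MD5} schemes carry no salt while {SSHA}/{SMD5} carry a random one appended to the digest, and that a client storing userPassword itself must produce the {scheme} form. The following is an added example (not from this thread or from OpenLDAP's code) that builds such values and verifies a cleartext password against them, recovering the salt from the stored value; the 4-byte salt length is an assumption about slapd's default, and "secret" is a constructed sample password.

```python
import base64
import hashlib
import hmac
import os

# scheme -> (hash constructor, whether a salt is appended to the digest)
_SCHEMES = {
    "SHA": (hashlib.sha1, False),
    "SSHA": (hashlib.sha1, True),
    "MD5": (hashlib.md5, False),
    "SMD5": (hashlib.md5, True),
}

def make_userpassword(password: str, scheme: str, salt: bytes = b"") -> str:
    """Return a userPassword value of the form {SCHEME}base64(digest [+ salt])."""
    scheme = scheme.upper()
    hfunc, salted = _SCHEMES[scheme]
    pw = password.encode("utf-8")
    if not salted:
        # Unsalted: two users with the same password get identical values.
        return "{%s}%s" % (scheme, base64.b64encode(hfunc(pw).digest()).decode())
    if not salt:
        salt = os.urandom(4)  # random per-password salt; 4 bytes assumed as slapd's default
    digest = hfunc(pw + salt).digest()
    return "{%s}%s" % (scheme, base64.b64encode(digest + salt).decode())

def check_userpassword(password: str, stored: str) -> bool:
    """Verify a cleartext password against a stored userPassword value."""
    if not stored.startswith("{") or "}" not in stored:
        # No {scheme} prefix: the value is stored in cleartext.
        return hmac.compare_digest(stored.encode("utf-8"), password.encode("utf-8"))
    scheme, b64 = stored[1:].split("}", 1)
    if scheme.upper() not in _SCHEMES:
        return False  # {CRYPT} and others are out of scope here
    hfunc, salted = _SCHEMES[scheme.upper()]
    blob = base64.b64decode(b64)
    dlen = hfunc().digest_size
    digest, salt = blob[:dlen], blob[dlen:]  # salt is whatever follows the digest
    if salted != bool(salt):
        return False  # salted scheme without salt, or unsalted scheme with trailing bytes
    candidate = hfunc(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    for s in _SCHEMES:
        v = make_userpassword("secret", s)
        print(v, check_userpassword("secret", v))
```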