Ulrich Windl wrote:
Michael Strödermichael@stroeder.com schrieb am 30.03.2015 um 11:24 in
Nachricht 55191633.90204@stroeder.com:
Ulrich Windl wrote:
Michael Strödermichael@stroeder.com schrieb am 29.03.2015 um 12:12 in
I have this in my config:
# SSF value for ldapi:// localSSF 256
What I don't understand here is: Doesn't "256" _require_ encryption for ldapi:// then?
There is a reason for everything I write, especially this sentence:
See slapd.conf(5) for details.
Learn to read the fine docs.
What really annoys me in this list are answers like "I know, you dont't. Try to find out yourself!".
Is it really too demanding to look up the text yourself when I point out a particular configuration directive *and* point to the relevant man page?
My impression was that you did not read the text before asking back.
Here's what the manual page says:
localSSF <SSF> Specifies the Security Strength Factor (SSF) to be givenlocal LDAP sessions, such as those to the ldapi:// listener. For a description of SSF values, see sasl-secprops's minssf option description. The default is 71. -- So where is the answer what 255 means? And what is the meaning of 71? (I guess 71 bit encryption; so I guess 255 means 255-bit encryption, but you say I'm wrong)
Yes, the default is 71 which is lower than what you specified as minssf.
Ciao, Michael.