Re: Openldap support SHA-256 or SHA-3.

--On Tuesday, January 7, 2020 11:52 AM -0800 rammohan ganapavarapu rammohanganap@gmail.com wrote:

Quanah,

Thanks for the quick reply, is there any plans to make SSHA512 default?

No. As I said, SHA1 is mandated by RFC.

also is there any migration steps to move from SHA-1 to SSHA512 ?

After deploying the sha2 module, all users must change their password so the hash gets updated. There is no way to magically convert existing hashes from SSHA1 to another scheme.

--Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com