Re: Encryption or hash for password?

Gerhardus Geldenhuis wrote:

Thanks, I thought crypt as well... but then I would expect it to look like: userPassword: {CRYPT}saHW9GdxihkGQ

instead slapcat generates: userPassword:: skadfjsajf=

Two small differences: there is two :: instead of one and all of the userPassword entries ends in =.

Read the ldif(5) manpage.

Regards

On 15 March 2013 15:19, Marot Laurent <Laurent.Marot@alliacom.com mailto:Laurent.Marot@alliacom.com> wrote:

Hello,

Seems to be base64 encoded {crypt} password

http://www.openldap.org/faq/data/cache/344.html

{crxPt}$1$I0(g7lbc$Zp/rgvZBd0eHöndgh0W3L/

Laurent

*De :*openldap-technical-bounces@OpenLDAP.org
[mailto:openldap-technical-bounces@OpenLDAP.org
<mailto:openldap-technical-bounces@OpenLDAP.org>] *De la part de*
Gerhardus Geldenhuis
*Envoyé :* vendredi 15 mars 2013 15:58
*À :* openldap-technical@openldap.org <mailto:openldap-technical@openldap.org>
*Objet :* Encryption or hash for password?

Hi

I am using the default Ubuntu 12.10 openldap installation and have
inherited an existing ldap setup. When I do a slapcat -n 1

It shows userPassword entries as follows:

userPassword:: e2NyeFB0fSQxJEkwKGc3bGJjJFpwL3JndlpCZDBlSPZuZGdoMFczTC8=

( password string has been edited... )

I am not sure how this is encoded... is there a way to find out? I have
tried md5 which is currently the default encoding for our servers.

I have also tried slappasswd with various -h option to see if I can
recreate the same hash if it is a hash.

I want to add new users using ldif and would like to encrypt/hash their
passwords in a similar fashion if possible.

Any help would be appreciated.

Regards

--
Gerhardus Geldenhuis


------------------------------------------------------------------------------

Le papier est un support de communication naturel, renouvelable et
recyclable. Si vous devez imprimer ce mail, n’oubliez pas de le recycler.

-- Gerhardus Geldenhuis