Ho
I made SSHA512 as default this way
dn: olcDatabase={-1}frontend,cn=config replace: olcPasswordHash olcPasswordHash: SSHA512 EOF
Once pw-sha2 module was loaded
https://github.com/peppelinux/ansible-slapd-eduperson2016/blob/master/roles/...
Il mar 7 gen 2020, 21:24 Quanah Gibson-Mount quanah@symas.com ha scritto:
--On Tuesday, January 7, 2020 11:52 AM -0800 rammohan ganapavarapu rammohanganap@gmail.com wrote:
Quanah,
Thanks for the quick reply, is there any plans to make SSHA512 default?
No. As I said, SHA1 is mandated by RFC.
also is there any migration steps to move from SHA-1 to SSHA512 ?
After deploying the sha2 module, all users must change their password so the hash gets updated. There is no way to magically convert existing hashes from SSHA1 to another scheme.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org