changing password hashing to something other than md5 in /etc/shadow
Craig White
craig at tobyhouse.com
Fri Aug 24 09:28:36 MST 2007
On Fri, 2007-08-24 at 03:04 -0700, Technomage-hawke wrote:
> ok,
>
> * I've googled for it (no luck, but certainly lots of 'interesting' reading
> material)
> * I've tried reading all the syste. documentation I can find
>
> * I've even tried hunting down the files to allow this.
>
> how do I hanged the hashing algorithm used in /etc/shadow?
> I need to use something other than MD5 or DES (was looking at whirlpool, AES,
> sha-5 or above).
>
> some suggestions please?
----
openldap 2.3.x offers the following options...
password-hash <hash> [<hash>...] This option configures one or more
hashes to be used in generation of user passwords stored in the
userPassword attribute during processing of LDAP Password Modify
Extended Operations (RFC 3062). The <hash> must be one of {SSHA},
{SHA}, {SMD5}, {MD5}, {CRYPT}, and {CLEARTEXT}. The default is {SSHA}.
--
Craig White <craig at tobyhouse.com>
More information about the PLUG-discuss
mailing list