directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Reuter <>
Subject Re: [ApacheDS] Bind problems
Date Fri, 12 Jun 2009 15:15:42 GMT
Stefan Seelmann wrote:
> slappasswd creates SSHA password with 4 byte salt.
> Studio creates SSHA passwords with 8 byte salt
> ApacheDS bind operation only works with a 8 byte salt.
> The Studio veryify operation works with both.

Thanks for the investigation, this also explains why plain MD5 and SHA
passwords work.

> I haven't found a definite receipe how many byte of salt a SSHA password
> should contain. Any reference would be welcome.

I also didn't find a reference but both seem common.
Would it be an option for ApacheDS to support variable length salts in
the future? This would remove a blocker for those migrating from
OpenLDAP or other servers with a different salt size.


View raw message