directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Schuster (IFKL IT OS DS CD)" <Martin.Schust...@infineon.com>
Subject Re: [ApacheDS] Hash question
Date Fri, 08 Oct 2010 13:07:53 GMT
On 10/07/2010 09:22 PM, Jason Russler wrote:
>   Can the (MD5) password hashes from a shadow file be re-encoded to 
> something Apache DS can understand
>
re-encoding is not possible, but you can check which algorithm is used
in your shadow-file (e.g. if the passwords there start with $1$ it's
MD5, see crypt(3) for a list), and then check if ApacheDirServer knows
that algorithm.

Using DirectoryStudio I can see the following hash-algos when setting
a userPassword: SHA, SSHA, MD5, SMD5, CRYPT
(don't know if that list is queried from the server or hardcoded into
DirStudio)

So if you currently have
$1$PzZV2WYK$Asd3JtTFOwR3JnNTPjxDq/
in /etc/shadow, you can try
{MD5}PzZV2WYK$Asd3JtTFOwR3JnNTPjxDq/
as value for the userPassword-attribute.

Disclaimer: Haven't tried this myself :)

hth,
-- 
Infineon Technologies IT-Services GmbH   Martin.Schuster1@infineon.com
Lakeside B05, 9020 Klagenfurt, Austria   Martin Schuster
         FB: LG Klagenfurt, FN 246787y   +43 5 1777 3517

Mime
View raw message