You definitely won't be able to use a password hash as a credential for syncrepl. A hash is a one way function so you can't readily drive the password from it (except via exhaustive brute force).
To avoid storing a clear text password in your config, you'll need to use another mechanism such as GSSAPI. That's what I use in my installations. x509 certificates/keys might be another option. All of the options are more complicated that using a plain text password, but they're also bit more secure. Ben On Fri, Mar 8, 2024, 9:43 AM <[email protected]> wrote: > How to configure olcSyncrepl without a plaintext password? I tried using > credentials="{SSHA256}jRlrKRCcrhYo7SqbPDc5WkoSxaHc8y/e0DPWaAnveUkQpQ7wEOWhsw==" > format. Does olcSyncrepl accepts password in {SSHA256} format? >
