On Fri, 2002-12-06 at 12:22, Aly S.P Dharshi wrote:
> Gordon,
>
> I agree, and after a test that the passwd utility does indeed change
> the password the only question is that it encodes it as a {CRYPT} and I
> want to use MD5 as my hashing scheme
>From /usr/share/doc/nss_ldap-198/README.pam_ldap:
...the pam_password
attribute, which takes the values:
pam_password [clear|crypt|md5|nds|ad|exop]
...
So, it looks to me like you'd update /etc/pam.d/system-auth and add
"pam_password=md5" to the line that begins with "password" and specifies
the pam_ldap.so
I could be mistaken though... if it doesn't work, leave out the "=" :)
>, how would one do it unless we had
> to write a script that would actually do it that way. The ldappassword
> utility does the change in SSHA not my choice of hash scheme.
It shouldn't matter too much. The pam library attempts to bind as the
user, so only the LDAP server has to understand the hash. SSHA should
have been sufficiently secure.
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
