On Wed, Jun 8, 2016 at 11:41 PM, Xin Li <delp...@delphij.net> wrote:

> (I think the current implementation
> would do everything with plaintext protocol over wire, so while it

You are correct.  This document http://puffysecurity.com/wiki/ypldap.html#2

    # ypldap cant use SSL or SASL...
    # You must allow unsecured authentication with the following line
    # Then setup OpenIKED VPN or use OpenSSH Socket or Port Forwording

There is still value to ypldap as it is now, and getting feedback from
users (especially Active Directory) would be very useful.
If someone could document a configuration which uses IPSEC or OpenSSH
forwarding, that would be nice.

In future, maybe someone in OpenBSD or FreeBSD will implement things like
LDAP over SSL.

freebsd-current@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Reply via email to