On Wed, Jun 8, 2016 at 11:41 PM, Xin Li <delp...@delphij.net> wrote: > > (I think the current implementation > would do everything with plaintext protocol over wire, so while it >
You are correct. This document http://puffysecurity.com/wiki/ypldap.html#2 states: # # ypldap cant use SSL or SASL... # You must allow unsecured authentication with the following line # Then setup OpenIKED VPN or use OpenSSH Socket or Port Forwording # There is still value to ypldap as it is now, and getting feedback from users (especially Active Directory) would be very useful. If someone could document a configuration which uses IPSEC or OpenSSH forwarding, that would be nice. In future, maybe someone in OpenBSD or FreeBSD will implement things like LDAP over SSL. -- Craig _______________________________________________ email@example.com mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"