Ok, after a  few awkward questions from an auditor, I am starting to face
the uncomfortable truth that my understanding about how FreeIPA works is a
lot fuzzier than I would like.

Specifically, the question I could not answer - where are the passwords
stored and how are they encrypted? My understanding is that all
authentication is handled by Kerberos server, which stores its data in LDAP
- but where and how is a bit of a mystery to me. Any way to dump out the
password hashes?


Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to