On 02/12/2015 09:05 AM, Brad House wrote:
On 02/12/2015 10:48 AM, Simo Sorce wrote:
On Thu, 2015-02-12 at 07:38 -0800, Michael Lasevich wrote:
Thank you, this is very helpful. I forgot about 'super admin', which is why
I was not even seeing the values before. :-)

How are the the values encrypted (or hashed?)

It sounds like the password is stored in two fields(I am leaving samba out
for now) - userpassword andkerberos principle key.

  Is userpassword a hash?


Of so, what kind?

Configurable, by default salted sha256 IIRC.

Out of curiousity, where is this configurable?


This is the passwordStorageScheme attribute.
Also, is it using it in
conjunction with something like PBKDF2?


I'd love to know more info on this
as we might want to increase the defaults ourselves.


Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to