Hum, I tried it but it doesn't work.
I have a slappasswd else where to test. And here's what I get :
# print passphrase | openssl dgst -sha1 -binary | openssl enc -base64 | awk
'{print "{SHA}"$0}'
{SHA}ZLvhLmLU88dUQwzfUgsq6IV8ZRE=
# echo passphrase | openssl dgst -sha1 -binary | openssl enc -base64 | awk
'{print "{SHA}"$0}'
{SHA}ZLvhLmLU88dUQwzfUgsq6IV8ZRE=
# slappasswd -h {SHA} -s passphrase
{SHA}YhAnRDQFLyD8uD4dD0kiBPyxGIQ=
Using the string generated with "slappasswd" works.
Other two don't :(
Le 21 févr. 2014 à 13:18, Marcus MERIGHI <[email protected]> a écrit :
> [email protected] (Joel Carnat), 2014.02.21 (Fri) 12:09 (CET):
>> I want to generate a hashed rootpw for native ldapd (on OBSD 5.4).
>> I've tried various things like `echo secret | sha256` but I can't
>> authenticate.
>>
>> If possible, I'd like not to install openldap-server just to get slappasswd.
>>
>> What is the (native) way to generate the "SSHA" hashed format for rootpw ?
>
> ``What are {SHA} and {SSHA} passwords and how do I generate them?''
> http://www.openldap.org/faq/data/cache/347.html
>
> Easiest way there seems to be:
>
> print "passphrase" | openssl dgst -sha1 -binary | \
> openssl enc -base64 | awk '{print "{SHA}"$0}'
>
> No way to test here...
>
> Bye, Marcus
