On Fri, Feb 21, 2014 at 01:31:13PM +0100, Joel Carnat wrote:
> Hum, I tried it but it doesn't work.
>
> I have a slappasswd else where to test. And here's what I get :
> # print passphrase | openssl dgst -sha1 -binary | openssl enc -base64 | awk
> '{print "{SHA}"$0}'
> {SHA}ZLvhLmLU88dUQwzfUgsq6IV8ZRE=
> # echo passphrase | openssl dgst -sha1 -binary | openssl enc -base64 | awk
> '{print "{SHA}"$0}'
> {SHA}ZLvhLmLU88dUQwzfUgsq6IV8ZRE=
> # slappasswd -h {SHA} -s passphrase
> {SHA}YhAnRDQFLyD8uD4dD0kiBPyxGIQ=
>
> Using the string generated with "slappasswd" works.
> Other two don't :(
>
Do not use echo since that will ad a newline to the password.
This works for me and is simpler:
echo -n '{SHA}'; printf passphrase | sha1 -b
{SHA}YhAnRDQFLyD8uD4dD0kiBPyxGIQ=
The salted version is a bit more complex since you need to include the
base64 of the salt after the SHA1 output and include the salt after the
password when doing the SHA1.
--
:wq Claudio
