On Fri, Feb 21, 2014 at 09:24:10AM -0600, Matthew Weigel wrote:
> On 2014-02-21 5:09, Joel Carnat wrote:
>
> >What is the (native) way to generate the "SSHA" hashed format for
> >rootpw ?
>
> Is there a particular reason you want to use SSHA? Here is a short
> script that should run fine on a stock OpenBSD machine to generate a
> bcrypt hash suitable for the userPassword attribute of ldapd.
>
> #! /usr/bin/perl
> use strict;
>
> while(<>) {
> my $salt = '';
> my $new_pw = $_;
> chomp($new_pw);
>
> my @chars = split //,
> "abcdefghijklmnopqrstuvwxyz" .
> "ABCDEFGHIJKLMNOPQRSTUVWXYZ" .
> "0123456789+/";
>
> for (my $i = 0; $i < 21; $i++) {
> $salt .= $chars[int(rand($#chars+1))];
> }
>
> my $rnd_salt = '$2a$06$' . $salt . $new_pw;
>
> my $hash = crypt($new_pw, $rnd_salt);
> print("{CRYPT}$hash\n");
> }
I guess you can use 'openssl passwd' for that,
or 'openssl passwd -1' for MD5 password
however that is tagged if allowed in LDAP...
>
> --
> Matthew Weigel
> hacker
> unique & idempot . ent
--
/ Raimo Niskanen, Erlang/OTP, Ericsson AB
