Quanah Gibson-Mount wrote: > --On Monday, April 29, 2013 3:28 PM -0700 Chris Hiestand <[email protected]> > wrote: > >> Since SSHA-1 is weak these days I'd like to switch to PBKDF2, Bcrypt or >> the like with key stretching. Since Openldap does not support relatively >> strong hashes, do you guys use SASL to store stronger hashes? If so, what >> kind of backend are you using to store hashes? > > I would suggest you look at the contrib password module, which supports a > number of schemes.
To be more precise: One could use the sources in contrib/slapd-modules/passwd/ as a template for implementing PBKDF2, Bcrypt, etc. schemes. There are no such implementations yet. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
