On Thu, 6 Sep 2001 at 10:17, Ian C. Sison wrote:
> if 1st three letters is $1$, it's a crypt MD5 password. The 'hash' is
> from the start of the string to the third '$'. So pass this entire
> string to crypt as the hash. if not, it's a crypt DES password, pass
> only the first two letters.
Hmm ... I wonder then if {crypt}blahblah where blahblah is everything
after the second $ will work. Hmm ... I'll try.
Another solution of course will be to re-do all the passwords with some
random generator (also re-secures the passwords of the users) using {SSHA}
with slappasswd(8C).
I noticed that LDAP will modify the password (ie: even if you view your
encrypted password as root or the owning user, it's not using {crypt} or
{MD5} or anything that I think I can then export if say, I want to move
back to standard /etc/{passwd,shadow}). Orly, would you know what "format"
is used?
> Then this is something that just uses plain MD5, which is incompatible
> with the algo that crypt uses. You can't transfer between the two, so
> you can't migrate the existing crypt-MD5 passwords to your LDAP store.
I'll try {crypt}blahblah trimming out the first three characters and see
if that works. BTW, does your MySQL auth PAM module allow passwd to change
passwords? AFAIK pam_ldap does.
--> Jijo
--
Federico Sevilla III :: [EMAIL PROTECTED]
Network Administrator :: The Leather Collection, Inc.
GnuPG Key: <http://jijo.leathercollection.ph/jijo.gpg>
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
