On Mon, Apr 27, 2020 at 06:31:59PM -0400, James Cassell wrote: > > On Mon, Apr 27, 2020, at 2:48 PM, Michael Dahlberg wrote: > > Is there any way that the value for ldap_default_authtok can be > > encrypted in the sssd.conf file? > > > > If it were encrypted, how would SSSD decrypt it? This is the reason > restrictive permissions are required on the config files.
Hi, you are right. Nevertheless SSSD allows to obfuscate the password. Please check man sss_obfuscate. With this it is at least not easy for a person watching over your shoulder to remember the password when you have the ssssd.conf file opened in an editor. HTH bye, Sumit > > V/r, > James Cassell > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
