This is pending for the Debian package and will eventually get merged
into Ubuntu. If you use cn=config, note that setting olcPasswordHash to
a scheme provided by a module will prevent slapd from starting, since
cn=module is processed later; this is unfixed upstream.
Until pw-sha2 lands, you may want to look into {CRYPT}.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1347954
Title:
build slapd-sha2 module for strong passwords
Status in “openldap” package in Ubuntu:
New
Status in “openldap” package in Debian:
Unknown
Bug description:
out of the box, the strongest password encryption supported is SSHA
(seeded SHA-1) which isn't really very good these days.
The best answer appears to be to compile up the contrib/slapd-sha2
module.
https://github.com/gcp/openldap/tree/master/contrib/slapd-
modules/passwd/sha2
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1347954/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
