[SAC] LDAP password cipher
Sandro Santilli
strk at kbt.io
Wed Aug 3 15:07:57 PDT 2016
On Wed, Aug 03, 2016 at 10:25:06AM -0700, Alex M wrote:
> I was in some OWASP security trainings last week for work. Based on
> those lessons I've filed some tickets on trac for things we should consider.
>
> As part of that I would like to confirm the encryption method being used
> to store the passwords. /etc/ldap/slapd.conf doesn't seem to exist
> though, and that's what the wiki page says is used. Could someone tell
> me where the conf actually is for the password encryption? Or privately
> let me know what method is in use.
I don't know where the SLAPD configuration is found, but please
once you find out do update the wiki page. I've the feeling LDAP
server internals are known by very few now (looking at Martin).
--strk;
More information about the Sac
mailing list