在userPassword上使用md5(OpenLDAP)

时间:2014-05-23 04:36:29

标签: ssh md5 openldap

我使用LDAP进行ssh autorithation。

userPassword {crypt}正常工作,但{md5}无效。

ldapmodify -Vv -D "cn=Manager,dc=*,dc=*" -W -f *.ldif

* LDIF:

dn: uid=*,ou=People,dc=*,dc=*
changetype: modify
replace: userPassword
userPassword: {CRYPT}eGUw6pD1aAClQ

* LDIF:

dn: uid=*,ou=People,dc=*,dc=*
changetype: modify
replace: userPassword
userPassword: {MD5}ICy5YqxZB1uWSwcVLSNLcA==

标准配置: https://wiki.gentoo.org/wiki/Centralized_authentication_using_OpenLDAP

1 个答案:

答案 0 :(得分:0)

使用ssha解决:

slappasswd -h {ssha} -c 'some_salt'.

它比普通的md5更好。

https://developer.apple.com/library/mac/documentation/Darwin/Reference/Manpages/man8/slappasswd.8.html

结果:

ssha512 

slappasswd -h {ssha} -c '$6$%s' -s 123

{CRYPT} $ 6 $ $ s2mWoK1ZzwO0v02J yi19QVOQB0ESrHwnCV.bl0RjwmwxWlNMl9z9FB0AqC9fL8SX2Q8Q2 / k0Zj.l0qNtOacq6SWMdmfkDWQ4L1cqp。

dn: uid=test1,ou=People,dc=*,dc=*
uid: test1
cn: test1
sn: test1
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {CRYPT}$6$s2mWoK1ZzwO0v02J$yi19QVOQB0ESrHwnCV.bl0RjwmwxWlNMl9z9FB0AqC9fL8SX2Q8Q2/k0Zj.l0qNtOacq6SWMdmfkDWQ4L1cqp.
shadowLastChange: 16176
loginShell: /bin/bash
uidNumber: 0
gidNumber: 0
homeDirectory: /home/test1
gecos: test1
相关问题
最新问题