Brandon G wrote:
Nathan Kinder wrote:
> On 09/22/2010 10:45 AM, Gerrard Geldenhuis wrote:
>>
>> Hi
>>
>> This is probably OT but I am not having much luck with google. How
>> can I create SSHA512 strings? I have been using either a php script
>> or slappasswd to create SSHA password but not sure how to do
>> SSHA512. openssl can create the SHA512 digest but I am not sure how
>> to add the random seed bit. My question probably illuminate my lack
>> of understanding of the subject.
>>
> Why are you pre-hashing passwords? You can set the password storage
> scheme to SSHA512 in 389 and provide a cleartext userPassword value
> to the server and it will hash it for you.
Actually, as a side note I would like to know how the format of {SSHA}
and friends compare to the conventional unix $1$seed$hash for MD5,
$2$seed$hash etc and so forth. Notably, is it possible to convert a
$1$xxxx into a {MD5...} or similar hash.
389 does support MD5 and Salted (SMD5)
hashes, specifically for
migration purposes. What format does $1$xxxx use?
Where is the Seed in SSHA?
At the end.
Is it a fixed length?
Yes, 8 bytes.
But note that you cannot convert MD5 to (S)SHA.
-Brandon
------------------------------------------------------------------------
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users