Is there any way that the value for ldap_default_authtok can be encrypted in the sssd.conf file?
Thanks, Mike
On Mon, Apr 27, 2020, at 2:48 PM, Michael Dahlberg wrote:
Is there any way that the value for ldap_default_authtok can be encrypted in the sssd.conf file?
If it were encrypted, how would SSSD decrypt it? This is the reason restrictive permissions are required on the config files.
V/r, James Cassell
On Mon, Apr 27, 2020 at 06:31:59PM -0400, James Cassell wrote:
On Mon, Apr 27, 2020, at 2:48 PM, Michael Dahlberg wrote:
Is there any way that the value for ldap_default_authtok can be encrypted in the sssd.conf file?
If it were encrypted, how would SSSD decrypt it? This is the reason restrictive permissions are required on the config files.
Hi,
you are right. Nevertheless SSSD allows to obfuscate the password. Please check man sss_obfuscate. With this it is at least not easy for a person watching over your shoulder to remember the password when you have the ssssd.conf file opened in an editor.
HTH
bye, Sumit
V/r, James Cassell _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.o...
sssd-users@lists.fedorahosted.org
-
James Cassell -
Michael Dahlberg -
Sumit Bose