1:48 p.m.
Is there any way that the value for ldap_default_authtok can be encrypted in the sssd.conf
file?
Thanks,
Mike
5:31 p.m.
On Mon, Apr 27, 2020, at 2:48 PM, Michael Dahlberg wrote:
Is there any way that the value for ldap_default_authtok can be
encrypted in the sssd.conf file?
If it were encrypted, how would SSSD decrypt it? This is the reason restrictive
permissions are required on the config files.
V/r,
James Cassell
3:04 a.m.
On Mon, Apr 27, 2020 at 06:31:59PM -0400, James Cassell wrote:
On Mon, Apr 27, 2020, at 2:48 PM, Michael Dahlberg wrote:
> Is there any way that the value for ldap_default_authtok can be
> encrypted in the sssd.conf file?
>
If it were encrypted, how would SSSD decrypt it? This is the reason restrictive
permissions are required on the config files.
Hi,
you are right. Nevertheless SSSD allows to obfuscate the password.
Please check man sss_obfuscate. With this it is at least not easy for a
person watching over your shoulder to remember the password when you
have the ssssd.conf file opened in an editor.
HTH
bye,
Sumit
V/r,
James Cassell
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
1452
days inactive
1453
days old
sssd-users@lists.fedorahosted.org
2 comments
3 participants
participants (3)
-
James Cassell -
Michael Dahlberg -
Sumit Bose