Monday, January 3, 2022

[389-users] Re: Help to understand pre-hashed login

you can use the pwdhash command to generate some pre-hashed passwords, and then add them to the configurations or into the user's entries:
man pwdhash
pwdhash -s SSHA512 pasword
{SSHA512}JnzerkmYXKEuMcv...snip...
Thanks,
M.

On Thu, Dec 30, 2021 at 4:05 AM Caderize Caderize <caderize@gmail.com> wrote:
Hello everyone,
i am writing a small php application in order to manage D389 users.
Currently, in order to connect to it, i saved the admin password in clear text in a config.php file, just for test.

Now i would move these settings into mysql database and hash the password for secure reason, probably sha1 or sha256 with salt(will see).
The application should retrieve credentials from mysql db(which will be a salted hashed password "{SHA}xxxxxxxxxxxx") and try to connect to D389.

My question is: Does D389 can authenticate if i pass to it a pre-hashed password?
Is there any documentation or example to follow?

Hope this question will not be considered as stupid.

Many Thanks
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

No comments:

Post a Comment