Fedora Linux Support Community & Resources Center
  #1  
Old 25th April 2007, 01:08 AM
fz1rider Offline
Registered User
 
Join Date: Apr 2007
Posts: 5
SSHA passwords in LDAP do not work with SSH

Has anyone had / solved this problem. I can use LDAP authentication when I am using crypt passwords but not SSHA (I haven't tried the others). I will be right after I post this. The other possibility is that I am using the NIS schema and maybe that causes the SSHA not to work correctly but I can find no evidence in the schema or in documentation to support that.

Thanks for any info.

Peter
Reply With Quote
  #2  
Old 25th April 2007, 11:16 AM
ibbo Offline
Registered User
 
Join Date: Jun 2005
Location: Leeds
Posts: 1,264
What version of Ldap are you running OpenLDAP 2 should default to ssha? But then ive found it to be a trying beast at the best of times.

Ibbo
__________________
A Hangover Lasts A Day, But Our Drunken Memories Last A Lifetime
--
Linux user #349545
(GNU/Linux)iD8DBQBAzWjX+MZAIjBWXGURAmflAKCntuBbuKCWenpm XoA7LNydllVQOwCfdjyzXscddzQvlhBedAcD7qfKmHo==zx0H

Last edited by ibbo; 25th April 2007 at 11:23 AM.
Reply With Quote
  #3  
Old 25th April 2007, 02:28 PM
fz1rider Offline
Registered User
 
Join Date: Apr 2007
Posts: 5
openldap-servers-2.3.27-4 is the RPM I have installed (all the corresponding utils are also 2.3.27-4). The migrate utills default to crypt (I'm pulling from NIS). I can generate the SSHA and Cyrpt passwords using slappasswd but only the crypt passwords work.
Reply With Quote
  #4  
Old 26th April 2007, 12:58 PM
ibbo Offline
Registered User
 
Join Date: Jun 2005
Location: Leeds
Posts: 1,264
Has your rootpw been stored in SSHA (slapd.conf).
My rootpw is SSHA and my users are all crypt as defaulted by migrate.

I am wondering if slappsswd is the reason.
Give this a whirl and see if it matches your SSHA password hash

Code:
#!/usr/bin/perl
use Digest::SHA1;
use MIME::Base64;
if ($ARGV[0] eq "") {
printf STDERR "usage: ssha.pl PASSWORD\n";
exit 1;
}
$pass = Digest::SHA1->new;
$pass->add($ARGV[0]);
$pass->add('salt');
print '{SSHA}' . encode_base64($pass->digest . 'salt' ,'') . "\n";
If not try using it to auth against and see if you get any joy.

Ibbo
__________________
A Hangover Lasts A Day, But Our Drunken Memories Last A Lifetime
--
Linux user #349545
(GNU/Linux)iD8DBQBAzWjX+MZAIjBWXGURAmflAKCntuBbuKCWenpm XoA7LNydllVQOwCfdjyzXscddzQvlhBedAcD7qfKmHo==zx0H
Reply With Quote
Reply

Tags
ldap, passwords, ssh, ssha, work

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't make passwords work in POP server nonlin Servers & Networking 4 22nd June 2008 09:27 AM
autofs + ldap does not work out of the box in fedora6 natxete Using Fedora 0 5th November 2006 07:19 PM
FC 4 LDAP doesn't work ryanliao Servers & Networking 0 10th August 2005 09:16 AM
ldap don't work after update from RH 9.0 uwaechte Using Fedora 0 2nd February 2005 02:10 PM


Current GMT-time: 10:37 (Wednesday, 23-04-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat