Ho
I made SSHA512 as default this way
dn: olcDatabase={-1}frontend,cn=config
replace: olcPasswordHash
olcPasswordHash: SSHA512
EOF
Once pw-sha2 module was loaded
https://github.com/peppelinux/ansible-slapd-eduperson2016/blob/master/roles/slapd_configure/templates/modules/pw-sha2.ldif
Il mar 7 gen 2020, 21:24 Quanah Gibson-Mount <qua...@symas.com> ha scritto:
>
>
> --On Tuesday, January 7, 2020 11:52 AM -0800 rammohan ganapavarapu
> <rammohanga...@gmail.com> wrote:
>
> >
> > Quanah,
> >
> >
> > Thanks for the quick reply, is there any plans to make SSHA512 default?
>
> No. As I said, SHA1 is mandated by RFC.
>
> > also is there any migration steps to move from SHA-1 to SSHA512 ?
>
> After deploying the sha2 module, all users must change their password so
> the hash gets updated. There is no way to magically convert existing
> hashes from SSHA1 to another scheme.
>
> --Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
>
>
