On 6/7/21 8:37 PM, Stefan Kania wrote:
> that helped a lot :). My fault was I put the "olcPaswordHash" in "dn:
> cn=config", but it it must be in {-1}frontend as the result of the test
Hmmpf! Object class olcGlobal should not allow olcPasswordHash:
https://bugs.openldap.org/show_bug.cgi?id=9575
On 6/7/21 5:15 PM, Stefan Kania wrote:
> Am 07.06.21 um 16:35 schrieb Michael Ströder:
>> BTW: Note that choosing ARGON2 parameters is not trivial:
>>
>> https://openldap.org/hyperkitty/list/openldap-technical@openldap.org/message/4KYTNGJN7ETVO5RAD4W5DP5SMPBLPHA7/
>>
> The link gives me a nice 404-
On 6/7/21 3:40 PM, Stefan Kania wrote:
>
>
> Am 07.06.21 um 15:29 schrieb Michael Ströder:
>> To build with libargon2 (which supports all ARGON2 arguments):
>>
>> --enable-argon2 --with-argon2=libargon2
>
> Now it's compiling but still the same error :-(
>
> Jun 07 15:37:24 ldap25-p02 slapd[815
Thank's Quanah,
that helped a lot :). My fault was I put the "olcPaswordHash" in "dn:
cn=config", but it it must be in {-1}frontend as the result of the test
shows:
--
dn: olcDatabase={-1}frontend,cn=config
objectClass: olcDatabaseConfig
objectClass: olcFrontendConfig
olcDatabase: {-1}fron
--On Monday, June 7, 2021 9:03 PM +0200 Stefan Kania
wrote:
looks ok to me:
---
My point was to examine the generated configuration in the testrun dir,
which has a clearly working configuration for the argon2 module, and
compare it to what you've done.
Regards,
Quanah
Am 07.06.21 um 17:18 schrieb Quanah Gibson-Mount:
>
>
> --On Monday, June 7, 2021 4:40 PM +0200 Stefan Kania
> wrote:
>
>>
>>
>> Am 07.06.21 um 15:29 schrieb Michael Ströder:
>>> To build with libargon2 (which supports all ARGON2 arguments):
>>>
>>> --enable-argon2 --with-argon2=libargon2
>>
--On Monday, June 7, 2021 4:40 PM +0200 Stefan Kania
wrote:
Am 07.06.21 um 15:29 schrieb Michael Ströder:
To build with libargon2 (which supports all ARGON2 arguments):
--enable-argon2 --with-argon2=libargon2
Now it's compiling but still the same error :-(
I suggest examining test0
Am 07.06.21 um 16:35 schrieb Michael Ströder:
> On 6/7/21 3:40 PM, Stefan Kania wrote:
>>
>>
>> Am 07.06.21 um 15:29 schrieb Michael Ströder:
>>> To build with libargon2 (which supports all ARGON2 arguments):
>>>
>>> --enable-argon2 --with-argon2=libargon2
>>
>> Now it's compiling but still the
Am 07.06.21 um 15:29 schrieb Michael Ströder:
> To build with libargon2 (which supports all ARGON2 arguments):
>
> --enable-argon2 --with-argon2=libargon2
Now it's compiling but still the same error :-(
Jun 07 15:37:24 ldap25-p02 slapd[8154]: olcPasswordHash: value #0:
scheme not available
On 6/7/21 2:31 PM, Stefan Kania wrote:
> ok, I found the source files in server/slapd/pwmods. I was always
> searching in contrib/slapd-modules/passwd.
> I normally only user the debian-packages, but I want to start with 2.5
> as early as possible so I started to build 2.5 from source. Here is my
>
Hi Michael,
ok, I found the source files in server/slapd/pwmods. I was always
searching in contrib/slapd-modules/passwd.
I normally only user the debian-packages, but I want to start with 2.5
as early as possible so I started to build 2.5 from source. Here is my
./configure-line:
-
./c
On 6/7/21 10:23 AM, Stefan Kania wrote:
> ARGON2 is not part of the actual version 2.5.5 I only find the sources
> on git.openldap.org.
Not true.
It's in the main code now:
$ tar tzf openldap-2.5.5.tgz | grep argon
openldap-2.5.5/tests/scripts/test083-argon2
openldap-2.5.5/doc/man/man5/slappw-ar
Hi Quanah
Am 05.06.21 um 22:11 schrieb Quanah Gibson-Mount:
>
> Personally I'd combine that with ARGON2 password hashes for secure
> password hash storage + 2 Factor auth.
ARGON2 is not part of the actual version 2.5.5 I only find the sources
on git.openldap.org. Will it ever become part of the O
Hi Quanah,
Am 05.06.21 um 22:11 schrieb Quanah Gibson-Mount:
>
>
> --On Saturday, June 5, 2021 4:27 PM +0200 Stefan Kania
> wrote:
>
>> Hello,
>>
>> I try to set up TOTP1 and TOTP1ANDPW as passworthash. I use Debian 10
>> with Kernel 5.9 from the backports. As OpenLDAP I use 2.5.5. I set up
>>
Hello Dieter,
I think I read everything I could find, also your posting :-). The only
thing I did not not set is "security ssf=1" but I think that has nothing
to do with my error message.
What I don't understand is why can I set the option olcPasswordHash
without an error, but as soon as I try to d
Am Sat, 5 Jun 2021 15:27:40 +0200
schrieb Stefan Kania :
> Hello,
>
> I try to set up TOTP1 and TOTP1ANDPW as passworthash. I use Debian 10
> with Kernel 5.9 from the backports. As OpenLDAP I use 2.5.5. I set up
> everything via Ansible. My configure-options are:
> -
> ./configure --w
--On Saturday, June 5, 2021 4:27 PM +0200 Stefan Kania
wrote:
Hello,
I try to set up TOTP1 and TOTP1ANDPW as passworthash. I use Debian 10
with Kernel 5.9 from the backports. As OpenLDAP I use 2.5.5. I set up
everything via Ansible. My configure-options are:
root@ldap25-p01:/opt/openlda
Hello,
I try to set up TOTP1 and TOTP1ANDPW as passworthash. I use Debian 10
with Kernel 5.9 from the backports. As OpenLDAP I use 2.5.5. I set up
everything via Ansible. My configure-options are:
-
./configure --with-cyrus-sasl --with-tls=openssl --enable-overlays=mod
--enable-backend
18 matches
Mail list logo