A
Alex Moen
Guest
I have a Centos 6.2 server freshly updated. It is authenticating against an Ldap server, and I am having an issue with the hashing algorithms being used by various utilities and servers.
First of all:
authconfig --test | grep hashing
password hashing algorithm is sha512
However, when I change a password using the passwd command, I see the following:
smbldap-usershow [email protected]
dn: [email protected],ou=domain,o=ndtc
uid: [email protected]
cn: Alex M
mail: [email protected]
...
userPassword: {crypt}$1$kxH/MHL7$.51e8u0CooCalDaXsHSKD/
Crypt? OK, well, it's a crypt password even though authconfig says it'll be using sha512... But, I can log in using sshd.
Now, if I change the password using the smbpasswd utility, and rerun the smbldap-usershow command:
dn: [email protected],ou=domain,o=ndtc
uid: [email protected]
cn: Alex
mail: [email protected]
...
userPassword: {SSHA}UGRSbhcFL0qLRdj6yWvqRidZPfIiBPYb
OK, now it's an SSHA (sha512) hash! BUT, I can no longer ssh to the server!
WTF??? Anyone have any insights into what I am missing here, and more importantly, how I can fix it? I'd obviously rather use SSHA than Crypt...
TIA!
Alex
First of all:
authconfig --test | grep hashing
password hashing algorithm is sha512
However, when I change a password using the passwd command, I see the following:
smbldap-usershow [email protected]
dn: [email protected],ou=domain,o=ndtc
uid: [email protected]
cn: Alex M
mail: [email protected]
...
userPassword: {crypt}$1$kxH/MHL7$.51e8u0CooCalDaXsHSKD/
Crypt? OK, well, it's a crypt password even though authconfig says it'll be using sha512... But, I can log in using sshd.
Now, if I change the password using the smbpasswd utility, and rerun the smbldap-usershow command:
dn: [email protected],ou=domain,o=ndtc
uid: [email protected]
cn: Alex
mail: [email protected]
...
userPassword: {SSHA}UGRSbhcFL0qLRdj6yWvqRidZPfIiBPYb
OK, now it's an SSHA (sha512) hash! BUT, I can no longer ssh to the server!
WTF??? Anyone have any insights into what I am missing here, and more importantly, how I can fix it? I'd obviously rather use SSHA than Crypt...
TIA!
Alex