[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Pserver, PAM/OpenLDAP and SSHA Password Encryption?

From: Jim Seymour
Subject: Pserver, PAM/OpenLDAP and SSHA Password Encryption?
Date: Wed, 19 Oct 2016 11:44:10 -0400

Hi There,

I hope this is the Right Place.  Don't know if this is a bug, a known
incompatibility issue or a configuration error.  I've searched and
searched and have not been able to determine that.

  System: Ubuntu 14.04.5 LTS
OpenLDAP: 2.4.31
     CVS: 1.12.13

We're using OpenLDAP, via PAM, for user credentials.  Some users can log
on to the system just fine.  But, if they try to:

    $ export CVSROOT=':pserver:address@hidden:/prj/cvshome'
    $ cvs login
    Logging in to :pserver:address@hidden:2401/prj/cvshome
    CVS password:
    cvs login: authorization failed: server somehost.example.com
    rejected access to /prj/cvshome for user somebody

Other users worked just fine.  I figured out why it worked for some, but,
not for others: Password encryption type.

Many users have {CRYPT}-encrypted passwords.  Newer users are
{SSHA}-encrypted. If I take a user whose cvs login is failing, *manually*
generate a {CRYPT}-encrypted password and emplace it using ldapmodify:
They're in.

Can anybody tell me what's going on and how I can fix it, short of
switching our OpenLDAP password storage back to the inferior {CRYPT}

Note: My mail server employs *very* aggressive anti-spam
filtering.  If you reply to this email and your email is
rejected, please accept my apologies and let me know via my
web form at <http://jimsun.LinxNet.com/contact/scform.php>.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]