mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
70 lines
1.8 KiB
Groff
70 lines
1.8 KiB
Groff
.TH SLAPPASSWD 8C "20 August 2000" "OpenLDAP LDVERSION"
|
|
.\" $OpenLDAP$
|
|
.\" Copyright 1998-2000 The OpenLDAP Foundation All Rights Reserved.
|
|
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
|
|
.SH NAME
|
|
slappasswd \- OpenLDAP password utility
|
|
.SH SYNOPSIS
|
|
.B SBINDIR/slappasswd
|
|
.B [\-v]
|
|
.B [\-u]
|
|
.B [\-s secret]
|
|
.B [\-h hash]
|
|
.B
|
|
.LP
|
|
.SH DESCRIPTION
|
|
.LP
|
|
.B Slappasswd
|
|
is used to generate an userPassword value
|
|
suitable for use with
|
|
.BR ldapmodify (1)
|
|
or
|
|
.BR slapd.conf (5)
|
|
.I rootpw
|
|
coniguration directive.
|
|
.SH OPTIONS
|
|
.TP
|
|
.B \-v
|
|
enable verbose mode.
|
|
.B \-u
|
|
generate RFC2307 userPassword values (the default). Future
|
|
versions of this program may generate alternative syntaxes
|
|
by default. This option is provided for forward compatibility.
|
|
.TP
|
|
.BI \-s " secret"
|
|
The secret to hash. If not provided, the user will be prompted
|
|
for the secret to hash.
|
|
.TP
|
|
If -h is specified, one of the following RFC2307 schemes may
|
|
be specified:
|
|
.IR {CRYPT} ,
|
|
.IR {MD5} ,
|
|
.IR {SMD5} ,
|
|
.IR {SSHA} ", and"
|
|
.IR {SHA} .
|
|
The default is
|
|
.IR {SSHA} .
|
|
.LP
|
|
.SH LIMITATIONS
|
|
The practice storing hashed passwords in userPassword violates
|
|
Standard Track (RFC2256) schema specifications and may hinder
|
|
interoperability. A new attribute type to hold hashed
|
|
passwords is needed.
|
|
.SH "SECURITY CONSIDERATIONS"
|
|
Use of hashed passwords does not protect passwords during
|
|
protocol transfer. TLS or other eavesdropping protections
|
|
should be inplace before using LDAP simple bind. The
|
|
hashed password values should be protected as if they
|
|
were clear text passwords.
|
|
.SH "SEE ALSO"
|
|
.BR ldappasswd (1),
|
|
.BR ldapmodify (1),
|
|
.BR slapd (8)
|
|
.BR slapd.conf (5)
|
|
.LP
|
|
"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
|
|
.SH ACKNOWLEDGEMENTS
|
|
OpenLDAP is developed and maintained by
|
|
The OpenLDAP Project (http://www.openldap.org/).
|
|
OpenLDAP is derived from University of Michigan LDAP 3.3 Release.
|