Comment # 2 on bug 1112999 from 
(In reply to Matthias Gerstner from comment #1)
> I am not quite sure if I completely understand the issues you are describing.
> Some notes, however:
> 
> - you should not be using MD5 as password hash algorithm, because it is not a
>   safe practice any more.
> - when you change the password encryption type in YaST then existing
> passwords
>   will not be converted. You need to set the user's password again for making
>   the changed algorithm effective.
> 
> So your target should be to get sha256 password hashes working correctly. For
> this you should inspect your 389-ds configuration on server and client side
> closely.
> 
> I am adding the 389-ds maintainers to CC, maybe they can help a bit more with
> this.


Hi
We are not trying to use MD5, But when we store password in md5 is only when
the clients are able to authenticate. We would like to Set it to better SHA or
AES 256 encryptions. 

Can you help us to identify how we can change the encryption on the client side
and server side? As you can see in the attached document that yast2 is not
changing the default encryption.

As there is very little documentation from OpenSUSE on 389-DS, we are not able
to configure the server or client to do matchmaking of the password. For us,
only md5 encryption has worked.

Any help will be appreciated.

You are receiving this mail because: