How can I force the passwd command to use MD5 hash and not to use crypt? I need to get the passwd command to talk to the ldap server (which it does) and use MD5 when I change passwords for the users.
Asked
Active
Viewed 3,401 times
3 Answers
2
Assuming Linux: set value of ENCRYPT_METHOD in /etc/login.defs to MD5.
Paweł Brodacki
- 6,451
- 19
- 23
-
MD5 (was and) is the choosen ENCRYPT_METHOD in /etc/login.defs - but passwd still makes {crypt} hashes in the LDAP-base. – MyOnlyEye May 14 '11 at 08:30
-
And it says pam_password md5 in ldap.conf... – MyOnlyEye May 14 '11 at 08:36
-
Try this: http://www.fusionnetwork.us/index.php/articles/linux-tutorials/enable-ldap-password-change-on-linux-using-passwd-command/ the author reports a success. – Paweł Brodacki May 14 '11 at 08:48
-
This is beginning to annoy me... if I follow the tutorial pam_password exop gives me SSHA hashes - and if I change it back to pam_password md5 I get crypt hashes. WHY!? :-) – MyOnlyEye May 14 '11 at 10:16
-
2"pam_password exop" in /etc/ldap.conf makes passwd use the password policy from the ldap server (in my case SSHA). I changed the policy in the server to MD5 and it worked. Now changes password with passwd is made with the MD5 hash - and I can happily sync all my users (and passwords) with Google Apps! – MyOnlyEye May 14 '11 at 13:35