We have been trying to migrate to a better password management system on our server. The problem was that all this days we were using a proprietary algorithm to create a hash (a decryptable hash).
In keeping with advances in Linux, we have decided to change this to a one way hash so as to enhance security. But ipmitool does client side HMAC SHA1 match instead of letting the server do the hash match.
Is there any implementation out there that doesn't kill all logic and manage user authentication the way ipmitool does (by requesting SHA1 hash from server)?
Is there anyway we can use ipmitool without using a decryptable hash?