OpenLDAP bindpw needs to be encrypted

0

I need to encrypt the bindpw on the ldap.conf. Currently the password for the CN is clear text.

I am running this on Red Hat Enterprise Linux ES release 4 (Nahant Update 8) 64 bit.

Any suggestion/feedback appreciated.

maneeshshetty

Posted 2011-04-20T15:40:44.277

Reputation: 572

Answers

0

I don't think this is possible.

The LDAP client tools need to know what the password is in order to bind. You would need to use some form of reversible encryption, like AES, and AFAIK the LDAP tools can't do that.

If you're a good programmer (or know one) you could modify the client tools source code to include AES encryption.

Majenko

Posted 2011-04-20T15:40:44.277

Reputation: 29 007

0

To prevent it from being read by other users? The bindpw file is supposed to be only readable by root. Normal users use their own credentials to bind to LDAP.

To prevent it from being stored on disk? Move ldap.conf to an eCryptFS or EncFS filesystem.

user1686

Posted 2011-04-20T15:40:44.277

Reputation: 283 655
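
The permission check described in the last answer, as an added example that is not part of any post on this page: a POSIX shell function that flags a file holding a `bindpw` directive when group or other have any access to it, or when it is not owned by the expected UID (0, i.e. root, by default). It assumes GNU `stat` (as on RHEL); the function name `audit_bindpw` is hypothetical.

```shell
#!/bin/sh
# Added example: audit ldap.conf-style files that carry a cleartext bindpw.
# Assumes GNU stat (-c). Function name and exit codes are illustrative.

# audit_bindpw FILE [EXPECTED_UID]
# returns 0 = acceptable, 1 = bindpw exposed, 2 = file not found
audit_bindpw() {
    file=$1
    uid_want=${2:-0}
    [ -f "$file" ] || { echo "$file: not found"; return 2; }

    # Match an active (uncommented) bindpw line; directive names are
    # case-insensitive in ldap.conf.
    if ! grep -Eiq '^[[:space:]]*bindpw[[:space:]]+[^[:space:]]' "$file"; then
        echo "$file: no bindpw directive"
        return 0
    fi

    mode=$(stat -c '%a' "$file")   # octal permission bits, e.g. 644
    uid=$(stat -c '%u' "$file")    # numeric owner
    bad=0

    # 077 masks every group/other bit; any of them set exposes the secret.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "$file: mode $mode gives group/other access to the bindpw"
        bad=1
    fi
    if [ "$uid" != "$uid_want" ]; then
        echo "$file: owned by uid $uid, expected uid $uid_want"
        bad=1
    fi
    [ "$bad" -eq 0 ] && echo "$file: bindpw present, mode $mode, uid $uid: ok"
    return $bad
}

# Audit every file named on the command line.
for f in "$@"; do audit_bindpw "$f"; done
```

Run it against whichever files hold the bind password on the host; a finding is fixed with `chown root` and `chmod 600` on that file.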