Password Encryption (Sun Directory Services 3.1 Administration Guide)

Sun Directory Services 3.1 Administration Guide

Previous: RADIUS Server Encryption
Next: Chapter 3 Planning a Directory Service

Password Encryption

Directory entries can contain user password attributes that are used to authenticate the user to the directory. By default, the values of such attributes are stored in a protected format, identified by the keyword {sunds} in the server configuration file. The encryption algorithm permits the use of the CRAM-MD5 authentication mechanism.

You can also encrypt user passwords using the crypt(3) encryption algorithm, which is the algorithm commonly applied to passwords stored in the /etc/passwd file. This algorithm is incompatible with the CRAM-MD5 authentication mechanism. This encryption method is identified by the keyword {crypt} in the server configuration file.

See "Configuring Security" for details of how to specify whether or not passwords are stored in an encrypted format.

Previous: RADIUS Server Encryption
Next: Chapter 3 Planning a Directory Service