Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Secure application user.
Operating Systems Linux Secure application user. Post 303037720 by Neo on Sunday 11th of August 2019 10:04:05 AM
Old 08-11-2019
Most user passwords used my apps are cryptographic hashes of text + salt.

In order to help you properly we need the details of what you are doing and how your passwords are used, stored, transmitted and processed.
 

8 More Discussions You Might Find Interesting

1. Windows & DOS: Issues & Discussions

F-secure application: exporting profile

Is it possible to export your saved profiles in F-secure. I have looked in F-secure's documentation, on google, here, and other places and can't seem to figure out how to do it. It seems like such a simple task... (0 Replies)
Discussion started by: dangral
0 Replies

2. UNIX for Advanced & Expert Users

any reason for a user without a homedir - security/config/application?

Hi, Can I just quick pick everyone brain here about the following: There is a security audit going on at the company I work for and one of the things that needed to be resolved was that there were a lot of users who don't have a home directory. As this is a fairly large environment of over... (5 Replies)
Discussion started by: Solarius
5 Replies

3. Linux

How to delete a user account in linux bases application.

Hi, Can anyone please guide me how can I remove/block a user from a server access. /usr/sbin/adduser -d /home/john john echo ****** | passwd --stdin john I used the above command to add a user "john". How do I delete and block john. Appreciate your responses. (1 Reply)
Discussion started by: sureshcisco
1 Replies

4. Linux

Launch application in gnome session of another user.

A gnome session is launched by UserA of System A, I am connected to userB of System B(or A) through PUTTY. I want to launch an application for eg: gedit through Putty in the display of system A. how can I achieve this. for eg:- root is logged in to System A, with gdm. DISPLAY=0.0, ip =... (4 Replies)
Discussion started by: Sivaswami
4 Replies

5. Linux

Secure NFS mount for a single user

We have Server 1 - mounts an NFS share from another server to a users directory. Server 2 - has NFS share and the share only allows access from Server 1. How can we make sure no other users on Server 1 can access the NFS mount? (5 Replies)
Discussion started by: Adrnalnrsh
5 Replies

6. Programming

Questions about user authentication in my application

Hi, all, I am a newbie to linux authentication part. Questions below really puzzle me: How to authenticate users from local storage(passwd shadow) and nis server? (Without PAM) getpwnam_r() will return a '*' in the pw_passwd field of "struct passwd". I can parse /etc/shadow. But how... (1 Reply)
Discussion started by: mythmgn
1 Replies

7. Solaris

New user: lost application manager

Dear all, I am a beginner with Solaris. I unfortunately remove the Application Manager from the Front Panel, and I really don't know how to put it again, or from where launch it... Could anyone help me? (1 Reply)
Discussion started by: avr
1 Replies

8. Shell Programming and Scripting

Piping to user application sometimes fail

Hi, currently, I have a problem in a stress test bash script. i´m using the following command: while true; do echo $"command" | ./myprogram; sleep 0.4; done --> myprogram is watching for stdin via select The problem is that it will work a couple of times. After that, the stdin fd... (3 Replies)
Discussion started by: bertl100
3 Replies

LEARN ABOUT OPENDARWIN

slappasswd

SLAPPASSWD(8C)															    SLAPPASSWD(8C)

NAME

       slappasswd - OpenLDAP password utility

SYNOPSIS

       /usr/sbin/slappasswd [-v] [-u] [-s secret|-T file] [-h hash] [-c salt-format]

DESCRIPTION

       Slappasswd is used to generate an userPassword value suitable for use with ldapmodify(1) or slapd.conf(5) rootpw configuration directive.

OPTIONS

       -v     enable verbose mode.

       -u     Generate	RFC 2307 userPassword values (the default).  Future versions of this program may generate alternative syntaxes by default.
	      This option is provided for forward compatibility.

       -s secret
	      The secret to hash.  If this and -T are absent, the user will be prompted for the secret to hash.  -s and -T and mutually  exclusive
	      flags.

       -T file
	      Hash the contents of the file.  If this and -s are absent, the user will be prompted for the secret to hash.  -s and -T and mutually
	      exclusive flags.

       -h scheme
	      If -h is specified, one of the following RFC 2307 schemes may be specified: {CRYPT}, {MD5}, {SMD5}, {SSHA}, and {SHA}.  The  default
	      is {SSHA}.

	      {SHA} and {SSHA} use the SHA-1 algorithm (FIPS 160-1), the latter with a seed.

	      {MD5} and {SMD5} use the MD5 algorithm (RFC 1321), the latter with a seed.

	      {CRYPT} uses the crypt(3).

	      {CLEARTEXT} indicates that the new password should be added to userPassword as clear text.

       -c crypt-salt-format
	      Specify  the  format of the salt passed to crypt(3) when generating {CRYPT} passwords.  This string needs to be in sprintf(3) format
	      and may include one (and only one) %s conversion.  This conversion  will	be  substituted  with  a  string  random  characters  from
	      [A-Za-z0-9./].   For example, "%.2s" provides a two character salt and "$1$%.8s" tells some versions of crypt(3) to use an MD5 algo-
	      rithm and provides 8 random characters of salt.  The default is "%s", which provides 31 characters of salt.

LIMITATIONS

       The practice storing hashed passwords in userPassword violates Standard Track (RFC 2256) schema specifications and  may	hinder	interoper-
       ability.  A new attribute type, authPassword, to hold hashed passwords has been defined (RFC 3112), but is not yet implemented in slapd(8).

SECURITY CONSIDERATIONS

       Use  of	hashed	passwords  does  not protect passwords during protocol transfer.  TLS or other eavesdropping protections should be inplace
       before using LDAP simple bind.  The hashed password values should be protected as if they were clear text passwords.

SEE ALSO

       ldappasswd(1), ldapmodify(1), slapd(8) slapd.conf(5) RFC 2307 RFC 2256 RFC 3112

       "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS

       OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).  OpenLDAP is derived from University  of  Michigan
       LDAP 3.3 Release.

OpenLDAP 2.1.X							    RELEASEDATE 						    SLAPPASSWD(8C)
All times are GMT -4. The time now is 10:43 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy