
I have hashed and salted passwords in OpenLDAP for login via PAM in Linux. The setup works when the hashes are of type SHA-1 (salted or unsalted) or plain text. In these cases everything works fine and a user can log in with these credentials.

If I switch to salted SHA-256 (SSHA-256) passwords, then the user can't log in with the correct password. Probably pam_ldap does not understand SHA-256? I can't find any documentation stating this restriction, but I also can't find configuration examples showing that it is possible.

What do I have to do? Configure/compile pam_ldap for SHA-256? Use something other than PAM?

I am forced to use salted SHA-256 as the credentials are already present in another (leading) datastore and have to be synchronized to OpenLDAP.

mailq
  • Sorry: I don't understand what "switch to SHA-256" means. How do you do that? Is it a `pam` configuration? If you want to store `SHA-256` passwords in OpenLDAP you require a module. – 473183469 Nov 09 '15 at 11:44
  • @473183469 I just store the password with a different hashing algorithm "by hand" using an OpenLDAP configuration UI. – mailq Nov 09 '15 at 11:57
  • The prefix for SHA256 is `{SHA256}`. Does the userPassword attribute of your users start with this prefix? – 473183469 Nov 09 '15 at 12:03
  • @473183469 No. The prefix is {ssha256}, but this is not the problem. PAM is the problem. – mailq Nov 09 '15 at 12:06
  • @473183469 That's it (true). – mailq Nov 09 '15 at 12:48
  • Oh yes, for salted SHA256 the prefix is `{SSHA256}`. Do you successfully bind to the directory with a user with a SHA256 password, for example with `ldapwhoami`? This will confirm PAM is the problem. – 473183469 Nov 09 '15 at 12:50
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/31306/discussion-between-473183469-and-mailq). – 473183469 Nov 09 '15 at 12:50

1 Answer

See the CRYPT function: https://www.redpill-linpro.com/techblog/2016/08/16/ldap-password-hash.html

OpenLDAP pass-through authentication

OpenLDAP can also use external processes to verify and hash passwords. These schemes are:

- CRYPT - will use the OS' crypt library as a password handler
- SASL - will use Cyrus SASL as a password handler

Cyrus SASL was last updated in 2012, but CRYPT is a part of the POSIX API and should be continuously updated. So - can CRYPT give us an up-to-date hash?

Crypt to the rescue

It turns out that the Linux-based glibc version of crypt supports additional encryption schemes through an additional versioning scheme encoded in the password hash, sometimes called the modular crypt format:

- 1 - MD5
- 2a - Blowfish / bcrypt
- 5 - SHA-256
- 6 - SHA-512

olivier
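As an added illustration (not code from the question, the answer, or the linked blog post), the snippet below shows what the two userPassword formats discussed here look like on the wire: it builds and verifies an `{SSHA256}` value (base64 of the SHA-256 digest followed by the salt) and classifies a `{CRYPT}` value by its modular-crypt id using the id table quoted above. The salt length and the helper names are assumptions of this example.

```python
import base64
import hashlib
import hmac
import os
import re
from typing import Optional

# Modular-crypt identifiers as listed in the quoted blog post.
CRYPT_IDS = {"1": "MD5", "2a": "Blowfish / bcrypt", "5": "SHA-256", "6": "SHA-512"}


def make_ssha256(password: str, salt: Optional[bytes] = None) -> str:
    """Build an OpenLDAP-style {SSHA256} value: base64(sha256(pw + salt) + salt).
    The 8-byte random salt is an assumption of this example; OpenLDAP accepts other lengths."""
    if salt is None:
        salt = os.urandom(8)
    digest = hashlib.sha256(password.encode("utf-8") + salt).digest()
    return "{SSHA256}" + base64.b64encode(digest + salt).decode("ascii")


def verify_ssha256(password: str, stored: str) -> bool:
    """Check a password against an {SSHA256} value; the scheme tag is matched case-insensitively
    because the question's hashes carry a lowercase {ssha256} prefix."""
    m = re.match(r"\{ssha256\}(.+)$", stored, re.IGNORECASE)
    if not m:
        return False
    try:
        raw = base64.b64decode(m.group(1), validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    if len(raw) <= 32:  # need a 32-byte digest plus at least one salt byte
        return False
    digest, salt = raw[:32], raw[32:]
    computed = hashlib.sha256(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(computed, digest)  # constant-time comparison


def describe_scheme(stored: str) -> str:
    """Name the scheme of a userPassword value; for {CRYPT} descend into the $id$ prefix."""
    m = re.match(r"\{([A-Za-z0-9-]+)\}(.*)$", stored, re.DOTALL)
    if not m:
        return "cleartext"
    scheme, rest = m.group(1).upper(), m.group(2)
    if scheme != "CRYPT":
        return scheme
    c = re.match(r"\$([^$]+)\$", rest)
    if not c:
        return "CRYPT (traditional DES)"
    return "CRYPT " + CRYPT_IDS.get(c.group(1), "unknown id $" + c.group(1) + "$")
```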