Stack Overflow
Stack Overflow

Questions tagged [ssha]

SSHA is a salted variant of the SHA hashing algorithm. It follows the same naming convention. For example: SSHA256(data, salt) = SHA256(data + salt) + salt. It is generally used for password hashing in the realm of LDAP.

19 questions
12
votes
3 answers

How can I retrieve a salt from LDAP?

The organization that I work for uses PPolicy (an OpenLDAP module) to automatically salt and hash passwords. Unfortunately, I don't have access to the machine running the OpenLDAP server, so i can't look at the config file. From what I've seen…
blkhp19
  • 482
  • 1
  • 5
  • 13
11
votes
5 answers

How do you turn on password hashing (SSHA) in openLDAP

For the life of me, I cannot seem to find this anywhere and if anyone can even just give me a link I would be very appreciative. We are trying to turn on SSHA hashing in openLDAP. By default it stores passwords in plaintext, which I think is…
Sevil Natas
  • 115
  • 1
  • 1
  • 5
9
votes
2 answers

How to securely generate SSHA256 or SSHA512 hashes in PHP?

I am working on a web administration module for mailservers (it's open source if you'd like to take a look). For that, I need to be able to generate hashed password that is readable by Dovecot. As described on their wiki, their recommended password…
mikl
  • 23,749
  • 20
  • 68
  • 89
5
votes
3 answers

Spring LDAP authentication bad credentials password in Salted SHA type

I have a project for LDAP authentication with REST service. My LDAP configuration have Salted SHA (SSHA) password hash method. In Spring's LDAP authentication best practice guide supporting SHA method when I used that I got bad credentials while…
miracyalman
  • 51
  • 1
  • 5
3
votes
2 answers

java method for password encrypt in ssha for LDAP

I want encrypt the password in ssha. Exists a method to do it? I found this but is in sha. private String encrypt(final String plaintext) { MessageDigest md = null; try { md = MessageDigest.getInstance("SHA"); }…
Massimo Mannini
  • 98
  • 2
  • 12
2
votes
1 answer

SSHA512 generating hash in c# for Postfix

I have to generate password hash with SSHA512 which could work with Postfix. I have hash generator written in Python and i need to rewrite it to C#. I wrote some code in c# that generating hash but Postfix could not verify generated password. Python…
Snakerek
  • 45
  • 5
2
votes
1 answer

How to export a SSHA-256 password in LDAP

I want to export a password from a database where the scheme for saving passwords is SSHA-256. The password of the database looks like {"salt", crypt("pass"+"salt")} and here is an example:…
AbuBakkar
  • 21
  • 3
1
vote
0 answers

How to set password encryption to SSHA in OpenLDAP C code API?

So I'm writing C++ code that wraps OpenLDAP's C code to set up a basic client controller (so I can connect to a server, view users, etc.). Whenever I add a new user though, the password gets encrypted as {CRYPT} but I need it as {SSHA}. There also…
Deoxys_0
  • 65
  • 7
1
vote
1 answer

SSHA512 Encryption and matches with spring 5

I am implementing spring security with the existing LDAP where the password are SSHA512 encoded. The deprecated LdapShaEncoder supports only {SHA} and {SSHA}. Can anyone help me implement a java SSHA512 encoder along with Spring security. Or Are…
maya16
  • 593
  • 1
  • 6
  • 19
1
vote
1 answer

SSHA password encryption on OpenLDAP

My current problem is that i cannot stop OpenLDAP to store passwords as plaintext. In an older openLDAP version , i entered following configuration in the slapd.conf ppolicy_hash_cleartext password-hash {SSHA} {SHA} So once a password was sent…
Stephan
  • 696
  • 15
  • 37
0
votes
0 answers

Java SHA-512 hash is not same python SHA-512 code with salt

I want verify hash password that genearte in python in my Java code . but hash generate in java is not same python python code def generate_ssha512_password(p: str) -> str: if isinstance(p, str): p = p.encode() p = p.strip() …
ali akbar azizkhani
  • 2,213
  • 5
  • 31
  • 48
0
votes
1 answer

CAS 6.0 How to authenticate user/password with LDAP

When i tried to connect cas-overlay-6.0 to ldap Oracle directory server 11 with a login/password into cas 6.0 application i have this error : WHO: myLogin WHAT: Supplied credentials: [UsernamePasswordCredential(username=myLogin, source=null)]…
ratm
  • 913
  • 1
  • 11
  • 20
0
votes
1 answer

ldap authentication login only works with typing in the hashed password

I have a nodejs application with angular frontend. When I want to login with a user it only works when I type in the ssha hashed password. But with the plain text password I can't login. the ldap client configuration ist: function auth(user,…
nolags
  • 633
  • 1
  • 11
  • 30
0
votes
0 answers

Where is salt key defined in openldap conf file?

I am updaing ldap userPassword using SHA-1 hashing from java code. How can I retrieve the salt key from ldap server or password which I can use to generate SSHA password. MessageDigest md = MessageDigest.getInstance("SHA1"); …
maverick
  • 1,458
  • 5
  • 20
  • 28
0
votes
0 answers

OpenLDAP Authentication with .Net over network

I'm developing a web application with a web service. One of the requisites is to authenticate against an OpenLDAP server. The password in the OpenLDAP service are stored in ssha512 (Salted SHA512). My problem is that I need the salt to hash the…
Oscar Vicente Perez
  • 847
  • 7
  • 23
1
2