attribute value length limit
Alan DeKok
aland at deployingradius.com
Fri Sep 28 14:37:13 CEST 2007
Fco. Javier Melero wrote:
> Well, surely I'm missing something, but that's the way I've found to
> store clear text passwords in LDAP keeping some peace of mind. What
> could be the alternative?
Storing them as clear-text.
Encrypting them adds *zero* benefit, because application that needs
the passwords has to be given the decryption key. Since the decryption
key is scattered all over the place in your network, it's not adding
much security.
To put it another way, almost no one does what you're doing.
Alan DeKok.
More information about the Freeradius-Users
mailing list