[CentOS] LDAP encryption, not sure.
Craig White
craig.white at ttiltd.comWed Feb 15 23:34:56 UTC 2012
- Previous message: [CentOS] LDAP encryption, not sure.
- Next message: [CentOS] LDAP encryption, not sure.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Feb 14, 2012, at 5:46 PM, Fajar Priyanto wrote: > Hi all, > I'm setting up a local LDAP server with a pass-through authentication > to another LDAP. > I'm not clear about the encryption. > > Say the case is like this. CompB is set to have LDAP authentication. > A ---> SSH ---> CompB ---> Local LDAP:389 ---> SASLAUTHD --> Global LDAP: 636 > > 1. Password on the SSH session would be encrypted, isn't it? ---- ldaps (port 636) would indeed be encrypted but it is deprecated and not typically started by default configurations these days. ---- > 2. How about when it goes to the local LDAP:389, would it be encrypted? ---- depends upon whether TLS is indicated and/or required. If you require it via an ACL on the LDAP server, then it succeeds only if the connection is made via TLS. If you require it at the client (TLS_ReqCert demand or hard), then it succeeds only if the connection is made via TLS. Craig
- Previous message: [CentOS] LDAP encryption, not sure.
- Next message: [CentOS] LDAP encryption, not sure.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list