Skip to content
Permalink
Browse files

Merge branch 'drybjed-slapd-sha512-rounds'

  • Loading branch information...
drybjed committed Oct 6, 2019
2 parents df4f6f0 + 203cace commit 34b2e0e142359596af0fe73542d7d8db1c2b6232
Showing with 4 additions and 1 deletion.
  1. +3 −0 CHANGELOG.rst
  2. +1 −1 ansible/roles/debops.slapd/defaults/main.yml
@@ -231,6 +231,9 @@ General
the :ref:`posixGroupId LDAP schema <slapd__ref_posixgroupid>`. This should
improve performance in UNIX environments connected to the LDAP directory.

- The number of rounds in SHA-512 password hashes has been increased from 5000
(default) to 100001. Existing password hashes will be unaffected.

:ref:`debops.sshd` role
'''''''''''''''''''''''

@@ -523,7 +523,7 @@ slapd__default_tasks:
- name: 'Configure password salt format used by the crypt(3) hash function'
dn: 'cn=config'
attributes:
olcPasswordCryptSaltFormat: '$6$%.16s'
olcPasswordCryptSaltFormat: '$6$rounds=100001$%.16s'
state: 'exact'

- name: 'Set the cn=config database root credentials'

0 comments on commit 34b2e0e

Please sign in to comment.
You can’t perform that action at this time.