On Sat, May 05, 2007 at 01:13:36AM -0500, Peter Samuelson wrote: > > > On Fri, May 04, 2007 at 11:51:02PM +0200, Petter Reinholdtsen wrote: > > > Actually, you got it backwards, as explained above. pam-ldap isn't > > > using the password hash to check the password. It is passing the > > > password over to the LDAP server (using an LDAP bind), and letting the > > > LDAP server decide if the password is correct or not. > > [Roberto C. Sánchez] > > You mean that the passwords go in the clear? > > Yes, unless you are securing the entire LDAP session, using SSL.
OK. Thanks. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
