On 2010-03-09, oeslei taborda ribas <oesleitri...@gmail.com> wrote:
> Hi All.
>
> I'm an OpenBSD newbie and this is my first e-mail in misc list.
> I have a doubt about LDAP, do you know if OpenBSD can authenticate in
> LDAP using SSL ?
> Let me explain better what I want, in my company we have a LDAP server
> running over Debian that is using SSL (port 636) and now I installed one
> machine running OpenBSD what I need is this machine authenticate in LDAP
> Server, then we can access this computer using ssh and authenticate in
> LDAP.
> I followed these tutorials, but didn't work:
> http://obfuscurity.com/2009/08/OpenBSD-as-an-LDAP-Client
> http://www.kernel-panic.it/openbsd/pdc/pdc2.html
> http://blogs.helion-prime.com/2009/05/07/authorization-with-ldap-on-openbsd.html
>
> And in the last link I found this information: "as ypldad currently
> doesnt support ldap over ssl," . Is it true ? We can't authenticate my
> OpenBSD box in LDAP if I'm using SSL ? is there a way to do it ?

You can use relayd as an ssl-wrapping proxy with a config like this:

relay ldapgw {
	listen on 127.0.0.1 port 389
	forward with ssl to real.server port 636
}

then just have ypldapd connect to localhost.
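
Added example, not part of the original reply: a small check for relay blocks of the shape shown above, flagging a plaintext listener bound to a non-loopback address or a forward that is not wrapped in ssl/tls, since either would put LDAP binds on the wire unencrypted. The second relay in the sample and the function names are constructed for illustration, and the parser only understands this simple block form.

```python
import ipaddress
import re

# Constructed sample: the relay from the reply, plus a hypothetical risky variant.
SAMPLE = """
relay ldapgw {
    listen on 127.0.0.1 port 389
    forward with ssl to real.server port 636
}
relay ldapgw_exposed {
    listen on 0.0.0.0 port 389
    forward to real.server port 389
}
"""

RELAY_RE = re.compile(r"relay\s+(\S+)\s*\{(.*?)\}", re.S)
LISTEN_RE = re.compile(r"listen\s+on\s+(\S+)\s+port\s+(\S+)(.*)")
FORWARD_RE = re.compile(r"forward\s+(with\s+(?:ssl|tls)\s+)?to\s+(\S+)\s+port\s+(\S+)")

def is_loopback(addr):
    """True for loopback IP literals and the name 'localhost'."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return addr == "localhost"

def audit_relays(conf):
    """Map each relay name to a list of plaintext-exposure findings."""
    findings = {}
    for name, body in RELAY_RE.findall(conf):
        issues = []
        for line in body.splitlines():
            line = line.split("#", 1)[0].strip()  # drop comments
            m = LISTEN_RE.match(line)
            if m:
                addr, _port, rest = m.groups()
                encrypted = re.search(r"\b(ssl|tls)\b", rest)
                if not encrypted and not is_loopback(addr):
                    issues.append(f"plaintext listener on non-loopback {addr}")
            m = FORWARD_RE.match(line)
            if m and not m.group(1):
                issues.append(f"forward to {m.group(2)} is not wrapped in ssl/tls")
        findings[name] = issues
    return findings
```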