cancel
Showing results for 
Search instead for 
Did you mean: 

LDAP Auth & SSL

Armin Andres
Occasional Visitor

LDAP Auth & SSL

I'm trying to implement LDAP for user authetication on Tru64 5.1. Running an OpenLDAP server and configuring the LDAP client module, that comes with 5.1B works fine, but not very secure, since all LDAP network traffic ist plain text.

Now I managed to get OpenLDAP to work with SSL, but as far as I can see the LDAP authetication module (ldapcd) has no SSL support implemented at all. :-(

I can hardly beleive, that there is no such authentication module availible for Tru64. Where do you hide it?

Regards
Armin
6 REPLIES
Ralf Puchner
Honored Contributor

Re: LDAP Auth & SSL

5.1B supports LDAP authentification, it is also available via Internet Express Kit.
Help() { FirstReadManual(urgently); Go_to_it;; }
Michael Schulte zur Sur
Honored Contributor

Re: LDAP Auth & SSL

Hi,

look here at chapter 4, if that is what you need:
http://h30097.www3.hp.com/docs/base_doc/DOCUMENTATION/V51B_HTML/LDAP/TITLE.HTM

Michael
Armin Andres
Occasional Visitor

Re: LDAP Auth & SSL

Ralf,

if you read my original posting, you can see, that I got it working already.

---------------

Michael,

what I'm looking for ist not a Browser, I'm looking for an authentication module, that communicates to the LDAP server through SSL.

---------------

Please Correct me if I'm wrong and have a look at the following cenario:

I'm establishing a ssh connection from host A to host B. Host B got LDAP authentication enabled and 'forwards' my username and password to the LDAP server (C), and requests authentication.

In a standard LDAP setup, the traffic between client and server is unencrypted, so in my example A sends encrypted data to B. B decrypts it and forwards ist unencrypted to C.

I got a secure environment, and I want it to stay secure, so either LDAP traffic must be encrypted, or LDAP must not be used.

Now my question again: Is there a client authentication module for Tru64 5.1[A|B] that can establish encrypted connections (ideally SSL) to the LDAP server?

Regards
Armin
Johan Brusche
Honored Contributor

Re: LDAP Auth & SSL


I believe the Single Sign On (aka SSO) for interoperability with W2k has an LDAP/SSL authentication module. Do you have that subset installed to ?

Johan.

_JB_
Armin Andres
Occasional Visitor

Re: LDAP Auth & SSL

Unfortunately SSO uses Kerberos, which I'm trying to avoid. :-(
Michael Schulte zur Sur
Honored Contributor

Re: LDAP Auth & SSL

Hi,

Is it perhaps that, what you are looking for?
If you intend to use the OpenLDAP directory server with the LDAP Module for
System Authentication (see Chapter 29), manually add the following line to the
/etc/ldapcd.conf file:
crypt_passwd: 1

Michael