From: Michael S. <mi...@st...> - 2009-03-09 00:08:55

Jan-Frode Myklebust wrote:
> I have a script that tries to sync a user database with
> plaintext username/password in mysql, to a Centos Directory
> Server. Currently I've been pushing the passwords into the
> directory by first creating the SSHA1 hash in python and
> store '{SSHA}' + encode-string in the password field.
>
> But, it occurred to me that I'm not fully sure what I'm doing
> when creating the SSHA1 hash,

If the password is usable afterwards there's nothing wrong with
client-side password hashing. The salt should be at least 4 bytes long.

> so it would be nice to have
> the directory server do the hashing instead. I've found the
> method:
>
> passwd_s(user, oldpw, newpw, [serverctrls=None, [clientctrls=None]])
>
> but is there any way to use that when I don't know the plaintext
> 'oldpw'?

Simply use None for oldpw.

Ciao, Michael.