Subject: Re: integrating PAM
To: None <firstname.lastname@example.org>
From: Dan Melomedman <email@example.com>
Date: 01/23/2003 16:57:46
Jason R Thorpe wrote:
> See my last post about semantics :-)
> LDAP is *not* an authentication mechanism. LDAP is a means of looking
> up data -- in this case, user information. It's really more appropriate
> to think of LDAP in the context of NSS, etc.:
To clarify, LDAP directory is simply an electronic version of Rolodex.
It can be used for either raw credential lookups, or password
verification by binding with user credentials. Most frequently used
format for storing user passwords is MD5 and SHA1 hashes in base64.