open-ldap bindpw needs to be encrypted

1861
maneeshshetty

I need to encrypt the bindpw in ldap.conf. Currently the password for the CN is in plain text.

I am using this on 64-bit Red Hat Enterprise Linux ES 4 (Nahant Update 8).

Any suggestions / feedback are welcome.

0

2 answers

0
Majenko

I don't think this is possible.

The LDAP client tools need to know what the password is in order to bind. You would need to use some form of reversible encryption, like AES, and AFAIK the LDAP tools can't do that.

If you're a good programmer (or know one) you could modify the client tools source code to include AES encryption.

0
grawity

To prevent it from being read by other users? The bindpw file is supposed to be only readable by root. Normal users use their own credentials to bind to LDAP.

To prevent it from being stored on disk? Move ldap.conf to an eCryptFS or EncFS filesystem.
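
A check for the condition described in the answer above (the file holding bindpw readable only by root), as an added example that is not part of the original answers. The function name, its arguments and the demo file are constructed for illustration, and GNU `stat` (as shipped on Red Hat) is assumed.

```shell
#!/bin/sh
# Added example: audit a file that may hold a cleartext LDAP bind password.
# Run it as root so the file can be read regardless of its mode.

# check_bindpw_file FILE [UID]
# Prints one finding per line; returns 0 if the file is safe, 1 otherwise.
# UID is the numeric owner expected (default 0, i.e. root).
check_bindpw_file() {
    f=$1
    want_uid=${2:-0}
    rc=0

    [ -f "$f" ] || { echo "MISSING $f"; return 1; }

    # No bindpw directive means no secret to protect in this file.
    # The keyword is matched case-insensitively to be safe.
    if ! grep -Eiq '^[[:space:]]*bindpw[[:space:]]+[^[:space:]]' "$f"; then
        echo "INFO no bindpw directive in $f"
        return 0
    fi

    mode=$(stat -c '%a' "$f")   # octal permission bits, e.g. 644
    uid=$(stat -c '%u' "$f")    # numeric owner

    # Any group/other bit (mask 077) exposes the password to non-owners.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL $f mode $mode grants group/other access"
        rc=1
    fi
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL $f owned by uid $uid, expected uid $want_uid"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK $f mode $mode uid $uid"
    fi
    return "$rc"
}

# Demo on a constructed file (not a real ldap.conf); owner is the current user.
demo=$(mktemp)
printf 'binddn cn=example,dc=example,dc=com\nbindpw constructed-secret\n' > "$demo"
chmod 644 "$demo"; check_bindpw_file "$demo" "$(id -u)" || true   # FAIL: world-readable
chmod 600 "$demo"; check_bindpw_file "$demo" "$(id -u)" || true   # OK
rm -f "$demo"
```

On a real host the call would be `check_bindpw_file /path/to/ldap.conf` with the default owner of uid 0.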
