Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
SLAPPW-ARGON2(5)	      File Formats Manual	      SLAPPW-ARGON2(5)

NAME
       slappw-argon2 - Argon2 password module to slapd

SYNOPSIS
       /usr/local/etc/openldap/slapd.conf

	      moduleload argon2	[<parameters>]

DESCRIPTION
       The  argon2  module to slapd(8) provides	support	for the	use of the key
       derivation function Argon2, that	was selected  as  the  winner  of  the
       Password	 Hashing  Competition  in  July	 2015,	in hashed passwords in
       OpenLDAP.

       It does so by providing the additional password scheme {ARGON2} for use
       in slapd.

CONFIGURATION
       The argon2 module does not need any configuration, but it can  be  con-
       figured by giving the following parameters:

       m=<memory>
	      Set memory usage to <memory> kiB.

       p=<parallelism>
	      Set  parallelism	to  <parallelism> threads. Currently supported
	      only when	linked with libargon2.

       t=<iterations>
	      Set the number of	iterations to <iterations>.

       These replace defaults when preparing hashes for	 new  passwords	 where
       possible.

       After  loading  the module, the password	scheme {ARGON2}	will be	recog-
       nised in	values of the userPassword attribute.

       You can then instruct OpenLDAP to use this scheme when  processing  the
       LDAPv3  Password	 Modify	 (RFC  3062)  extended operations by using the
       password-hash option in slapd.conf(5):

	      password-hash {ARGON2}

   NOTES
       If you want to use the scheme described here with slappasswd(8),	remem-
       ber to load the module using its	command	line  options.	 The  relevant
       option/value is:

	      -o module-load=argon2

       Or if non-default parameters are	required:

	      -o module-load="argon2 [<param>...]"

       Depending on argon2's location, you may also need:

	      -o module-path=pathspec

EXAMPLES
       Both  userPassword  LDAP	 attributes below encode the password 'secret'
       using different salts:

       userPassword: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$c2FsdHNhbHQ$DKlexoEJUoZTmkAAC3SaMWk30El9/RvVhlqGo6afIng

       userPassword: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$c2FsdHNhbHRzYWx0$qOCkx9nMeFlaGOO4DUmPDgrlUbgMMuO9T1+vQCFuyzw

SEE ALSO
       slapd.conf(5), ldappasswd(1), slappasswd(8), ldap(3),

       "OpenLDAP Administrator's Guide"	<http://www.OpenLDAP.org/doc/>

ACKNOWLEDGEMENTS
       This manual page	has been written by Peter Marschall based on the  mod-
       ule's README file written by Simon Levermann <simon@levermann.de>.

       OpenLDAP	  is   developed   and	maintained  by	The  OpenLDAP  Project
       <http://www.openldap.org/>.  OpenLDAP is	 derived  from	University  of
       Michigan	LDAP 3.3 Release.

OpenLDAP 2.6.9			  2024/11/26		      SLAPPW-ARGON2(5)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=slappw-argon2&sektion=5&manpath=FreeBSD+Ports+14.3.quarterly>

home | help