summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/man/sssd-krb5.5.xml5
-rw-r--r--src/man/sssd.conf.5.xml4
2 files changed, 8 insertions, 1 deletions
diff --git a/src/man/sssd-krb5.5.xml b/src/man/sssd-krb5.5.xml
index 04523c06..529bf24f 100644
--- a/src/man/sssd-krb5.5.xml
+++ b/src/man/sssd-krb5.5.xml
@@ -260,7 +260,10 @@
</para>
<para>
Please note that this feature currently only
- available on a Linux platform.
+ available on a Linux platform. Passwords stored in
+ this way are kept in plaintext in the kernel
+ keyring and are potentially accessible by the root
+ user (with difficulty).
</para>
<para>
Default: false
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index dd80901c..b8f22047 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -699,6 +699,10 @@
in the local LDB cache
</para>
<para>
+ User credentials are stored in a SHA512 hash, not
+ in plaintext
+ </para>
+ <para>
Default: FALSE
</para>
</listitem>