SSSD Manual pagessss_obfuscate8sss_obfuscateobfuscate a clear text passwordsss_obfuscateoptions[PASSWORD]DESCRIPTIONsss_obfuscate converts a given password into
human-unreadable format and places it into appropriate domain
section of the SSSD config file.
The cleartext password can be specified as an argument to the
program, read from standard input or entered interactively.
The obfuscated password is put into ldap_default_authtok
parameter of a given SSSD domain and the
ldap_default_authtok_type parameter is set to
obfuscated_password. Refer to
sssd-ldap5
for more details on these parameters.
Please note that obfuscating the password provides no
real security benefit as it is still possible for an
attacker to reverse-engineer the password back. Using better
authentication mechanisms such as client side certificates or GSSAPI
is strongly advised.
OPTIONS
,
The password to obfuscate will be read from standard
input.
,
DOMAIN
The SSSD domain to use the password in. The
default name is default.
,
FILE
Read the config file specified by the positional
parameter.
Default: /etc/sssd/sssd.confSEE ALSOsssd-ldap5