On Wed, Jun 8, 2016 at 11:41 PM, Xin Li <delphij_at_delphij.net> wrote: > > (I think the current implementation > would do everything with plaintext protocol over wire, so while it > You are correct. This document http://puffysecurity.com/wiki/ypldap.html#2 states: # # ypldap cant use SSL or SASL... # You must allow unsecured authentication with the following line # Then setup OpenIKED VPN or use OpenSSH Socket or Port Forwording # There is still value to ypldap as it is now, and getting feedback from users (especially Active Directory) would be very useful. If someone could document a configuration which uses IPSEC or OpenSSH forwarding, that would be nice. In future, maybe someone in OpenBSD or FreeBSD will implement things like LDAP over SSL. -- CraigReceived on Thu Jun 09 2016 - 20:34:14 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:05 UTC