sss_obfuscate(8) [centos man page]
SSS_OBFUSCATE(8) SSSD Manual pages SSS_OBFUSCATE(8) NAME
sss_obfuscate - obfuscate a clear text password SYNOPSIS
sss_obfuscate [options] [PASSWORD] DESCRIPTION
sss_obfuscate converts a given password into human-unreadable format and places it into appropriate domain section of the SSSD config file. The cleartext password is read from standard input or entered interactively. The obfuscated password is put into "ldap_default_authtok" parameter of a given SSSD domain and the "ldap_default_authtok_type" parameter is set to "obfuscated_password". Refer to sssd-ldap(5) for more details on these parameters. Please note that obfuscating the password provides no real security benefit as it is still possible for an attacker to reverse-engineer the password back. Using better authentication mechanisms such as client side certificates or GSSAPI is strongly advised. OPTIONS
-h,--help Display help message and exit. -s,--stdin The password to obfuscate will be read from standard input. -d,--domain DOMAIN The SSSD domain to use the password in. The default name is "default". -f,--file FILE Read the config file specified by the positional parameter. Default: /etc/sssd/sssd.conf SEE ALSO
sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8), sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8). AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd SSSD
06/17/2014 SSS_OBFUSCATE(8)
Check Out this Related Man Page
SSS_SEED(8) SSSD Manual pages SSS_SEED(8) NAME
sss_seed - seed the SSSD cache with a user SYNOPSIS
sss_seed [options] -D DOMAIN -n USER DESCRIPTION
sss_seed seeds the SSSD cache with a user entry and temporary password. If a user entry is already present in the SSSD cache then the entry is updated with the temporary password. OPTIONS
-D,--domain DOMAIN Provide the name of the domain in which the user is a member of. The domain is also used to retrieve user information. The domain must be configured in sssd.conf. The DOMAIN option must be provided. Information retrieved from the domain overrides what is provided in the options. -n,--username USER The username of the entry to be created or modified in the cache. The USER option must be provided. -u,--uid UID Set the UID of the user to UID. -g,--gid GID Set the GID of the user to GID. -c,--gecos COMMENT Any text string describing the user. Often used as the field for the user's full name. -h,--home HOME_DIR Set the home directory of the user to HOME_DIR. -s,--shell SHELL Set the login shell of the user to SHELL. -i,--interactive Interactive mode for entering user information. This option will only prompt for information not provided in the options or retrieved from the domain. -p,--password-file PASS_FILE Specify file to read user's password from. (if not specified password is prompted for) -?,--help Display help message and exit. NOTES
The length of the password (or the size of file specified with -p or --password-file option) must be less than or equal to PASS_MAX bytes (64 bytes on systems with no globally-defined PASS_MAX value). SEE ALSO
sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5),sss_cache(8), sss_debuglevel(8), sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8),pam_sss(8). AUTHORS
The SSSD upstream - http://fedorahosted.org/sssd SSSD
06/17/2014 SSS_SEED(8)