sss_obfuscate man page

sss_obfuscate — obfuscate a clear text password


sss_obfuscate [options] [PASSWORD]


sss_obfuscate converts a given password into human-unreadable format and places it into appropriate domain section of the SSSD config file.

The cleartext password is read from standard input or entered interactively. The obfuscated password is put into “ldap_default_authtok” parameter of a given SSSD domain and the “ldap_default_authtok_type” parameter is set to “obfuscated_password”. Refer to sssd-ldap(5) for more details on these parameters.

Please note that obfuscating the password provides no real security benefit as it is still possible for an attacker to reverse-engineer the password back. Using better authentication mechanisms such as client side certificates or GSSAPI is strongly advised.


Display help message and exit.
The password to obfuscate will be read from standard input.
-d,--domain DOMAIN
The SSSD domain to use the password in. The default name is “default”.
-f,--file FILE
Read the config file specified by the positional parameter.

Default: /etc/sssd/sssd.conf

See Also

sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-sudo(5), sss_cache(8), sss_debuglevel(8), sss_groupadd(8), sss_groupdel(8), sss_groupshow(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8). sss_rpcidmapd(5)


The SSSD upstream - http://fedorahosted.org/sssd

Referenced By

idmap_sss(8), pam_sss(8), sss_cache(8), sssctl(8), sssd(8), sssd-ad(5), sssd.conf(5), sss_debuglevel(8), sssd-ifp(5), sssd-ipa(5), sssd-krb5(5), sssd_krb5_locator_plugin(8), sssd-ldap(5), sssd-simple(5), sssd-sudo(5), sss_groupadd(8), sss_groupdel(8), sss_groupmod(8), sss_groupshow(8), sss_override(8), sss_seed(8), sss_ssh_authorizedkeys(1), sss_ssh_knownhostsproxy(1), sss_useradd(8), sss_userdel(8), sss_usermod(8).

Explore man page connections for sss_obfuscate(8).

SSSD SSSD Manual pages 10/20/2016