You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Jarek Millburg <Ja...@eurofinsEAG.com> on 2022/07/15 17:43:46 UTC
Can you change Database Password Hash
Within the application If you use a database like MySQL for authentication it says that the passwords are salted with a random 32 byte string and then hashed with the SHA-256 hash before being stored. I was wondering if it is possible to change the hashing method to a different hash? Looking into this for reasons related to our current systems and wondering if this is possible.
Re[2]: Can you change Database Password Hash
Posted by David Haukeness <da...@hauken.us>.
Like Nick said, possible but not configurable.
You could re-write the jdbc extension for your use case. The user
model, including password and salting is here:
https://github.com/apache/guacamole-client/blob/master/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/PasswordRecordModel.java
David Haukeness
------ Original Message ------
From "Nick Couchman" <vn...@apache.org>
To user@guacamole.apache.org
Date 7/15/2022 11:49:08 AM
Subject Re: Can you change Database Password Hash
>On Fri, Jul 15, 2022 at 1:44 PM Jarek Millburg
><Ja...@eurofinseag.com> wrote:
>>
>>Within the application If you use a database like MySQL for authentication it says that the passwords are salted with a random 32 byte string and then hashed with the SHA-256 hash before being stored. I was wondering if it is possible to change the hashing method to a different hash? Looking into this for reasons related to our current systems and wondering if this is possible.
>>
>
>It is certainly possible, but not, at this time, configurable - doing
>so would require that you change some of the Java code that is used to
>process these passwords and rebuild the JDBC extension.
>
>-Nick
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
>For additional commands, e-mail: user-help@guacamole.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: Can you change Database Password Hash
Posted by Nick Couchman <vn...@apache.org>.
On Fri, Jul 15, 2022 at 1:44 PM Jarek Millburg
<Ja...@eurofinseag.com> wrote:
>
> Within the application If you use a database like MySQL for authentication it says that the passwords are salted with a random 32 byte string and then hashed with the SHA-256 hash before being stored. I was wondering if it is possible to change the hashing method to a different hash? Looking into this for reasons related to our current systems and wondering if this is possible.
>
It is certainly possible, but not, at this time, configurable - doing
so would require that you change some of the Java code that is used to
process these passwords and rebuild the JDBC extension.
-Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org