- sss_obfuscate [options] [PASSWORD]
The cleartext password is read from standard input or entered interactively. The obfuscated password is put into "ldap_default_authtok" parameter of a given SSSD domain and the "ldap_default_authtok_type" parameter is set to "obfuscated_password". Refer to sssd-ldap(5) for more details on these parameters.
Please note that obfuscating the password provides no real security benefit as it is still possible for an attacker to reverse-engineer the password back. Using better authentication mechanisms such as client side certificates or GSSAPI is strongly advised.
- Display help message and exit.
- The password to obfuscate will be read from standard input.
- The SSSD domain to use the password in. The default name is "default".
Read the config file specified by the positional parameter.
The SSSD upstream - http://fedorahosted.org/sssd