LDAP configuration and password hash

Hi experts!

We just made the LDAP configuration using the config.yml file.

Everything works so far but I would like to know if it’s possible to hash the password. For now, the password is clearly visible into the config.yml file…

Could you please help me?

Best regards,

Hi @vincent2mots

Don’t think that bind dn passwrod hashing is supported. ODFE has the hash tool in {ODFE_ES}/plugins/opendistro_security/tools but it is only used for internal users. You could try to hide password in the environmental variable.

Set password in docker-compose or directly in OS if you’re not running in docker.

BIND_PASS = password

In ldap section of config.yml set:

password: ${env.BIND_PASS}

Do open a feature request for this, please? Let’s raise the bar for security.

1 Like