Provided by: slapd_2.5.13+dfsg-1ubuntu1_amd64 bug

NAME
       slappw-argon2 - Argon2 password module to slapd


SYNOPSIS
       /etc/ldap/slapd.conf

              moduleload argon2 [<parameters>]


DESCRIPTION
       The  argon2 module to slapd(8) provides support for the use of the key derivation function
       Argon2, that was selected as the winner of the Password Hashing Competition in July  2015,
       in hashed passwords in OpenLDAP.

       It does so by providing the additional password scheme {ARGON2} for use in slapd.


CONFIGURATION
       The  argon2 module does not need any configuration, but it can be configured by giving the
       following parameters:

       m=<memory>
              Set memory usage to <memory> kiB.

       p=<parallelism>
              Set parallelism to <parallelism> threads. Currently supported only when linked with
              libargon2.

       t=<iterations>
              Set the number of iterations to <iterations>.

       These replace defaults when preparing hashes for new passwords where possible.

       After loading the module, the password scheme {ARGON2} will be recognised in values of the
       userPassword attribute.

       You can then instruct OpenLDAP to use this scheme  when  processing  the  LDAPv3  Password
       Modify (RFC 3062) extended operations by using the password-hash option in slapd.conf(5):

              password-hash {ARGON2}

   NOTES
       If  you  want  to  use  the scheme described here with slappasswd(8), remember to load the
       module using its command line options.  The relevant option/value is:

              -o module-load=argon2

       Or if non-default parameters are required:

              -o module-load="argon2 [<param>...]"

       Depending on argon2's location, you may also need:

              -o module-path=pathspec


EXAMPLES
       Both userPassword LDAP attributes below  encode  the  password  'secret'  using  different
       salts:

       userPassword: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$c2FsdHNhbHQ$DKlexoEJUoZTmkAAC3SaMWk30El9/RvVhlqGo6afIng

       userPassword: {ARGON2}$argon2i$v=19$m=4096,t=3,p=1$c2FsdHNhbHRzYWx0$qOCkx9nMeFlaGOO4DUmPDgrlUbgMMuO9T1+vQCFuyzw


SEE ALSO
       slapd.conf(5), ldappasswd(1), slappasswd(8), ldap(3),

       "OpenLDAP Administrator's Guide" ⟨http://www.OpenLDAP.org/doc/
ACKNOWLEDGEMENTS
       This  manual  page  has  been written by Peter Marschall based on the module's README file
       written by Simon Levermann ⟨simon@levermann.de⟩.

       OpenLDAP is developed and maintained by The OpenLDAP  Project  ⟨http://www.openldap.org/⟩.
       OpenLDAP is derived from University of Michigan LDAP 3.3 Release.