diff --git a/bottin.hcl.example b/bottin.hcl.example
index 8c6cfa8..d10394b 100644
--- a/bottin.hcl.example
+++ b/bottin.hcl.example
@@ -12,7 +12,7 @@ job "directory" {
     task "server" {
       driver = "docker"
       config {
-        image = "lxpz/bottin_amd64:1"
+        image = "lxpz/bottin_amd64:3"
         readonly_rootfs = true
         port_map {
           ldap_port = 389
diff --git a/main.go b/main.go
index 2f9463c..fde10b2 100644
--- a/main.go
+++ b/main.go
@@ -5,6 +5,7 @@ package main
 // @FIXME: Add an initial prefix to the consul key value
 
 import (
+	"crypto/rand"
 	"crypto/tls"
 	"encoding/base64"
 	"encoding/json"
@@ -12,7 +13,6 @@ import (
 	"fmt"
 	"io/ioutil"
 	"log"
-	"crypto/rand"
 	"os"
 	"os/signal"
 	"syscall"
diff --git a/ssha.go b/ssha.go
index 134c058..0443dd0 100644
--- a/ssha.go
+++ b/ssha.go
@@ -1,12 +1,13 @@
 package main
 
 import (
-	"log"
 	"bytes"
+	"crypto/rand"
 	"crypto/sha1"
 	"encoding/base64"
 	"fmt"
-	"crypto/rand"
+	"log"
+	"strings"
 )
 
 // Encode encodes the []byte of raw password
@@ -18,7 +19,7 @@ func SSHAEncode(rawPassPhrase []byte) string {
 
 // Matches matches the encoded password and the raw password
 func SSHAMatches(encodedPassPhrase string, rawPassPhrase []byte) bool {
-	if encodedPassPhrase[:6] != "{ssha}" {
+	if !strings.EqualFold(encodedPassPhrase[:6], "{ssha}") {
 		return false
 	}