similar to: Storing passwords encrypted... bcrypt?

hi all, can anyone help me with dovecot-sql.conf please ? I'm not a mysql expert and I'am trying to authenticate dovecot2 to an existing database. I have a database "egroupware" with table "egw_accounts". The field "account_lid" is the full email address and "account_pwd" is the password in Blowfish format. Here is my dovecot-sql.conf driver =

>> Maybe, Dovecot could just add support for BLF-CRYPT by using the open source implementation of Blowfish hashing found in https://github.com/php/php-src/tree/master/ext/standard <https://github.com/php/php-src/tree/master/ext/standard>. The implementation looks like a single function to generate the hash. I?m not much of a programmer, but it would seem to me that these .c/.h files

Hi I'd like Dovecot to consume a list of users exported from an external application which stores bcrypted passwords. This has been asked in the past, however, I'm not sure how to read the following reply: > If you are using Dovecot< 2.0 you can also use any of the algorithms > supported by your system's libc. But then you have to prefix the hashes > with {CRYPT} - not

I''m create a login form using Bcrypt-ruby but have error: uninitialized constant User::BCrypt I had setup Bcrypt-ruby in Gemfile gem "bcrypt-ruby", :require => "bcrypt" and restart,rake db:migrate but not run.I had run bundle:install,bundle: update and see Bcrypt had installed. i''m afraid that i use gem ''rails'',

> I would love to know why your ubuntu 14.04 system doesn't support sha512-crypt. I just tried SHA512-CRYPT and it is supported on Ubuntu 14.04. I think I was thinking about DBMail instead of Dovecot. I could really use support for BLF-CRYPT since my current password hashes generated by PHP are using Blowfish encryption. Maybe, Dovecot could just add support for BLF-CRYPT by using the

I''m going through DHH''s Agile Web Development with Rails for Rails 3.1. In chapter 14 they create a Users sign-in model/view/controller using the has_secure_password method. My user.rb file looks like this class User < ActiveRecord::Base attr_accessible :name, :password_digest, :password, :password_confirmation validates :name, presence: true, uniqueness:

I would like to migrate users from my old phpfusion site but I have there hash password md5(md5) how to convert this passwords to bcrypt? I creating Sinatra app whre i use this passwords with Warden. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To view this discussion on the web visit

https://bugzilla.mindrot.org/show_bug.cgi?id=1830 Summary: Patch to get py-bcrypt to build for Python 2.6 on Windows Product: py-bcrypt Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Default AssignedTo: unassigned-bugs at

I've recently converted over to dovecot to uw-imap, and am having a heck of a time trying to find actual docs that describe how to set up virtual users properly without using ldap or posgres.. Basically I need to know what goes in auth_userdb and auth_passdb for a system with *NO* local user accounts in /etc/passwd and /etc/shadow. I will only create mbox files for these users in /var/mail/%u

Hello, does dovecot support bcrypt $2y$ version? (BLF-CRYPT - Blowfish crypt) doveadm pw -s BLF-CRYPT generates a {BLF-CRYPT}$2a$05$....... password. Does this mean that dovecote will not authenticate against a $2y$10$....... password? Thanks in advance, -Graham-

(I subscribed to a daily digest for this list and can?t figure out how to reply to a reply.) Anyway, Aki Tuomi replied to my feature request saying: > We support in latest 2.2 release > > MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN > CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5 > PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY

Just upgrading to 1.0.0 and I'm trying to switch from PAM (using pam-mysql) to a direct mysql query from dovecot, and I've got both md5crypt and crypt passwords in a password db. http://wiki.dovecot.org/Authentication/PasswordSchemes seems to indicate that I have to pick 1, but that is per auth-worker, right? So, I created 2 auth workers using 2 dovecot-sql config files specifying

Hey there, I'm using the latest dovecot 2.1.13 In the wiki http://wiki2.dovecot.org/Authentication/PasswordSchemes BLF-CRYPT is listed, but i can't use it. "doveadm pw -l" doesn't show it. And i'm unsure about how I am supposed to use the different SHA schemes, since they always output different hashes for the same password. MD5 is working fine, but I'd rather not

I'm setting up a new server and am planning on using blowfish crypt. This page from the wiki http://wiki2.dovecot.org/Authentication/PasswordSchemes says the password will begin with $2a$, however mine are starting $2b$. Is this wrong on the wiki or am I doing something wrong? Just want to catch this before it becomes a problem. Thanks, Edgar

Dear Timo, Do you intend to introduce bcrypt into the built in password schemes? In lew of all these hacks lately many larger companies appear moving this way, we are looking at it too, but dovecot will then be the weakest link in the database security. So, are you planning on this and if so what sort of timeframe / version would you expect it to be in beta ? Nik

Hey! I've been trying to get bloodline champions running with wine, but encountering this weird problem. Hoping someone could give some advice. When I run in XP mode, I can log in and it runs all fine, but has no sound. But when I run any other mode (win 7, vista, 2008, etc), I get sound, but can not log in and get an error saying: wine: Call from 0x7b839f22 to unimplemented function

> Changing your php app will probably be the easiest solution. Since I?m using Docker, the easiest solution for me is to find a linux distro that can run Dovecot well and supports BLF-CRYPT as well. What Linux distros support BLF-CRYPT and are well tested and secure? > On Jun 5, 2016, at 8:54 PM, Edgar Pettijohn <edgar at pettijohn-web.com> wrote: > > On 16-06-05 20:36:35, KT

After upgrading my dovecot installation about a month ago, I have started seeing "Requested CRAM-MD5 scheme, but we have only MD5-CRYPT" message from dovecot in my logs. Any help in finding and correcting the cause will be greatly appreciated. --Richard

https://bugzilla.mindrot.org/show_bug.cgi?id=1982 Bug #: 1982 Summary: different behavior compared to php (openwall version of bcrypt) Classification: Unclassified Product: jBCrypt Version: unspecified Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2

We still have MD5 as our default password hash, even though known-hash attacks against MD5 are relatively easy these days. We've supported SHA256 and SHA512 for many years now, so how about making SHA512 the default instead of MD5, like on most Linux distributions? Index: etc/login.conf =================================================================== --- etc/login.conf (revision