Hi again, I`m a bit confused how to store a SSHA256 password in the database and I can`t find any information in the wiki. Do I have to store the SHA256 hash and the salt separately (what would the password_query be like in this way) or just the final SSHA256 hash? Regards Patrick
Patrick Westenberg wrote on 27.07.2010:> Hi again,> I`m a bit confused how to store a SSHA256 password in the database and > I can`t find any information in the wiki.> Do I have to store the SHA256 hash and the salt separately (what would > the password_query be like in this way) or just the final SSHA256 hash?when you create a password with dovecotpw or doveadm you can copy&paste the generated password into your database. If you use the same password scheme for all users you can use "default_pass_scheme = ..." or as far as I know you can also override the password scheme for the users in MySQL. Just insert the password with the scheme prefix like "{SHA256}Password" into your MySQL password field to override the default password scheme. The query looks like password_query = SELECT username, password \ FROM users WHERE username = '%u' even for other password schemes than PLAIN... -- Daniel
Daniel Luttermann schrieb:> when you create a password with dovecotpw or doveadm you can > copy&paste the generated password into your database.I can?t use dovecotpw. Passwords will be generated by PHP (webfrontend).
Patrick Westenberg wrote on 28.07.2010:> Daniel Luttermann schrieb:>> when you create a password with dovecotpw or doveadm you can >> copy&paste the generated password into your database.> I can?t use dovecotpw. Passwords will be generated by PHP > (webfrontend).should be no problem... Personlly I use Horde/IMP with passwd - in the passwd plugin I can configure which encryption/hash should be used for the generated passwords (SHA,SSHA,PLAIN...). Your PHP application generates the password with the given scheme and write it to the password field. When you configure your PHP application to generate SHA,SSHA... passwords then you should also use default_pass_scheme in dovecot-sql.conf. -- Daniel
Patrick Westenberg wrote on 31.07.2010:> Hallo,> Daniel Luttermann schrieb:>> Your PHP application generates the password with the given scheme and >> write it to the password field.> wie soll ich denn via PHP dass Passwort generieren, wenn ich nicht weis > in welcher Art und Weise Passwort und Salt miteinander kombiniert werden > m?ssen damit Dovecot es versteht.> Gru? > PatrickI'm not familiar with this but there were a thread in February this year about salted passwords: http://www.dovecot.org/list/dovecot/2010-February/046715.html As far as I know dovecotpw or doveadm creates a random salt on every run so when you use PHP it should be possible to use standard routines with a random salt. -- Daniel