da-dovecotlist-15 at abelonline.de
2014-Jan-11 02:34 UTC
[Dovecot] Why does dovecot require the {} password sheme even if there is a $ crypt scheme.
The wiki[1] says:
If all the passwords are in same format, you can use default_pass_scheme to
specify it. Otherwise each password needs to be prefixed with
"{password-scheme}", for example
"{plain}plaintext-password".
Why doesn't dovecot recognize the crypt scheme identifier ($1$ for
MD5-CRYPT, $6$ for SHA512-CRYPT etc.)? At the moment I have to have the
following in my db for dovecot to work:
{SHA512-CRYPT}$6$salt$passwordhash
[1]http://wiki2.dovecot.org/AuthDatabase/SQL
Nick Edwards
2014-Jan-13 02:33 UTC
[Dovecot] Why does dovecot require the {} password sheme even if there is a $ crypt scheme.
It does, we use sha512 for long time in sql conf use default_pass_scheme = CRYPT it uses the systen crypt then, (NO - this does NOT mean it uses the ancient 8 char limited crypt) it will use whatever your underlying operating system allows, and unless you are using something thats more than 10 years old, it will handle better. in our sql table $6$68341f21c4d70c67$D9Rbgw.Ecvfdbvfbfgfdbc.....................................etc On 1/11/14, da-dovecotlist-15 at abelonline.de <da-dovecotlist-15 at abelonline.de> wrote:> The wiki[1] says: > If all the passwords are in same format, you can use default_pass_scheme to > specify it. Otherwise each password needs to be prefixed with > "{password-scheme}", for example "{plain}plaintext-password". > > Why doesn't dovecot recognize the crypt scheme identifier ($1$ for > MD5-CRYPT, $6$ for SHA512-CRYPT etc.)? At the moment I have to have the > following in my db for dovecot to work: > {SHA512-CRYPT}$6$salt$passwordhash > > [1]http://wiki2.dovecot.org/AuthDatabase/SQL >