Joseph Tam
2014-Dec-29 10:02 UTC
doveadm pw generates different hash each time it is invoked
reik red writes:> (I'm re-submittting after setting up a subscription, so I don't have to wait for the moderator) > , > What happened next surprised me greatly: if I specify "-s ssha", the > resulting hashed password changes each time I invoke "doveadm pw", but > if I do not specify the hashing method, I get the same password each time (as I > expect). What on earth is going on here? There must be something > fundamental that I am missing."doveadm pw" is working correctly. CRAM-MD5 and SSHA use hashing in 2 different ways to authenticate a user. CRAM-MD5 is a challenge-response system where the server sends the client a random string each and every session. The client hashes the password and the random string and sends it to the server as proof of authenticity. The server performs the same calculation to verify. However, the server needs to know the password (or password equivalent) in order to duplicate the hash calculation. SSHA precomputes the random strings (salt) and hashes the password with it, and stores both salt and hash in the password database. During authentication, the password is (or ought to be) transmitted plain within a SSL connection from the client to the server, then the server hashes the password with the stored salt and compares with the hash in the database. Every time you run "doveadm pw -s sha" a new random salt is generated, hence a new hash is produced even though you use the same password. You would use challenge-response in situations where the communication channel is insecure (i.e. non-SSL). However, the drawback is the password database contains enough information for someone to authenticate if it should fall into the wrong hands. Joseph Tam <jtam.home at gmail.com>