dovecot - Feb 2007 - MD5-CRYPT passwords in a MySQL Database

First of all, hello to the list.


I'm currently migrating from a /etc/passwd and /etc/shadow based 
configuration to a MySQL based one using dovecot 99.14 on debian sarge.

The problem is that the /etc/shadow containes both DES encoded (Crypt) 
and md5 based passwords. I've set the default system to be Crypt, and 
have added {MD5-CRYPT} in front of the md5 passwords in place of the $1$ 
header found in /etc/shadow. But I can only log in on accounts that have 
DES based passwords.

I've included my dovecot configuration, and below are 2 examples of 
encoded password, one crypt and one MD5:
XalGYN3cy1crA                             
{MD5-CRYPT}RL$Bvv.TF2XJkyVI6JOUO8tx/


If anyone has any ideas I'd really appreciate them since 80 odd accounts 
have this problem, so changing them one by one will be difficult.

David

-- 
David Mills
Enki Technologies
01 76 00 71 20
*De nouvelles offres d'emploi...*
*...pour bien d?marrer 2007 !*
Consulter la news <http://www.enki.fr/detail_actualite.htm?ACTU=13> - 
enki.fr <http://www.enki.fr>

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dovecot.conf
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20070209/bd1f81d8/attachment.pl>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dovecot-mysql.conf
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20070209/bd1f81d8/attachment-0001.pl>

Hi David,

David Mills schrieb:
> I'm currently migrating from a /etc/passwd and /etc/shadow based
> configuration to a MySQL based one using dovecot 99.14 on debian sarge.
> 
> The problem is that the /etc/shadow containes both DES encoded (Crypt)
> and md5 based passwords. I've set the default system to be Crypt, and
> have added {MD5-CRYPT} in front of the md5 passwords in place of the $1$
> header found in /etc/shadow. But I can only log in on accounts that have
> DES based passwords.
> 
> I've included my dovecot configuration, and below are 2 examples of
> encoded password, one crypt and one MD5:
> XalGYN3cy1crA                            
> {MD5-CRYPT}RL$Bvv.TF2XJkyVI6JOUO8tx/
I think you should leave the $1$ header in place and handle them like
any crypt password. The crypt format will be automaticaly detected. (At
least this ist works for LDAP.)

Regards

	Benjamin
-- 
Benjamin Dabelow                      dabelow at tuxoft.de
Offenburger Str. 29                   tuxoft.de
69126 Heidelberg
Germany

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20070213/94e4d909/attachment.bin>