First of all, hello to the list. I'm currently migrating from a /etc/passwd and /etc/shadow based configuration to a MySQL based one using dovecot 99.14 on debian sarge. The problem is that the /etc/shadow containes both DES encoded (Crypt) and md5 based passwords. I've set the default system to be Crypt, and have added {MD5-CRYPT} in front of the md5 passwords in place of the $1$ header found in /etc/shadow. But I can only log in on accounts that have DES based passwords. I've included my dovecot configuration, and below are 2 examples of encoded password, one crypt and one MD5: XalGYN3cy1crA {MD5-CRYPT}RL$Bvv.TF2XJkyVI6JOUO8tx/ If anyone has any ideas I'd really appreciate them since 80 odd accounts have this problem, so changing them one by one will be difficult. David -- David Mills Enki Technologies 01 76 00 71 20 *De nouvelles offres d'emploi...* *...pour bien d?marrer 2007 !* Consulter la news <enki.fr/detail_actualite.htm?ACTU=13> - enki.fr <enki.fr> -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dovecot.conf URL: <dovecot.org/pipermail/dovecot/attachments/20070209/bd1f81d8/attachment.pl> -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dovecot-mysql.conf URL: <dovecot.org/pipermail/dovecot/attachments/20070209/bd1f81d8/attachment-0001.pl>
Hi David, David Mills schrieb:> I'm currently migrating from a /etc/passwd and /etc/shadow based > configuration to a MySQL based one using dovecot 99.14 on debian sarge. > > The problem is that the /etc/shadow containes both DES encoded (Crypt) > and md5 based passwords. I've set the default system to be Crypt, and > have added {MD5-CRYPT} in front of the md5 passwords in place of the $1$ > header found in /etc/shadow. But I can only log in on accounts that have > DES based passwords. > > I've included my dovecot configuration, and below are 2 examples of > encoded password, one crypt and one MD5: > XalGYN3cy1crA > {MD5-CRYPT}RL$Bvv.TF2XJkyVI6JOUO8tx/I think you should leave the $1$ header in place and handle them like any crypt password. The crypt format will be automaticaly detected. (At least this ist works for LDAP.) Regards Benjamin -- Benjamin Dabelow dabelow at tuxoft.de Offenburger Str. 29 tuxoft.de 69126 Heidelberg Germany -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature URL: <dovecot.org/pipermail/dovecot/attachments/20070213/94e4d909/attachment.bin>