reik red
2014-Dec-20 05:55 UTC
doveadm pw generates different hash each time it is invoked !?
I am absolutely dumbfounded by "doveadm pw". My understanding is that the command should be used to create a hashed password that should in turn be placed into /etc/dovecot/passwd Here comes the "dumbfounded" part. I was creating a new virtual user, running doveadm pw to generate the hashed password. But when I tried to login via imap, the password was rejected. So I started checking that I had populated /etc/dovecot/passwd with the correct values, and in the process I ran "doveadm pw" again to make certain I had not accidentally pasted the wrong value along with a username. (I'm re-submittting after setting up a subscription, so I don't have to wait for the moderator) , What happened next surprised me greatly: if I specify "-s ssha", the resulting hashed password changes each time I invoke "doveadm pw", but if I do not specify the hashing method, I get the same password each time (as I expect). What on earth is going on here? There must be something fundamental that I am missing. =============================================Illustrative example: machine(user) 6136 > doveadm pw -u joebob Enter new password: Retype new password: {CRAM-MD5}00747cf2ffaf11c5ea4a64979c3901fc1d20dee13f480bb598f7d8575b23e61b machine(user) 6137 > doveadm pw -u joebob Enter new password: Retype new password: {CRAM-MD5}00747cf2ffaf11c5ea4a64979c3901fc1d20dee13f480bb598f7d8575b23e61b #SAME, as expected machine(user) > doveadm pw -u glorg Enter new password: Retype new password: {CRAM-MD5}00747cf2ffaf11c5ea4a64979c3901fc1d20dee13f480bb598f7d8575b23e61b #another surprising behavior: The (virtual) username specified does not affect the hash!!! machine(user) 6138 > doveadm pw -u joebob -s ssha Enter new password: Retype new password: {SSHA}AtjINkQra967qIhU6khRED4U1x3aKwDi machine(user) 6139 > doveadm pw -u joebob -s ssha Enter new password: Retype new password: {SSHA}fZiFlHPKDn6ESM/gnUIcjJ14hRlH10DV # DIFFERENT, very unexpected ============================================= I'm on fedora 19, using dovecot.x86_64 version 1:2.2.15-1.fc19 per yum.
Daniel Parthey
2014-Dec-26 00:06 UTC
doveadm pw generates different hash each time it is invoked !?
Hi there, if you are getting different results on each invocation of the hash function, you might have selected a salted hashing function which generates a random salt. When you provide the same salt, you should get the same result for the same input, but when you omit the salt, it generates a random one for you. Regards Daniel
Maybe Matching Threads
- doveadm pw generates different hash each time it is invoked
- Windows XP & greyed-out Guest user password prompt
- SQL Server via DBI/ODBC configuration
- Howto setup SLES 9 w/Samba 3.04 in a Domain & SSL SWAT
- Access denied error when trying to join XP to Samba Domain