>>>>> Aki Tuomi <aki.tuomi at dovecot.fi>:> On 2017-03-25 17:54, Steinar Bang wrote: >> This is a PAM module that listens for password changes, and will update >> the MD5 password for a user, in a file that dovecot can read, when the >> user's password is changed: >> https://github.com/steinarb/pam_dovecotmd5pwd >> >> Caveat emptor! (Works for me...! :-) )> Maybe you could update the PAM module to upgrade user's passwords to > something safer than MD5? Like SSHA515 or CRYPT-SHA512? =)Is it possible to do CRAM[1] with any of these encryption methods? And, if so: are these encryption methods widely supported by clients? The essential part for me was to have something widely supported by clients, where the password isn't transferred over the wire as part of the authentication The last time I looked cram-md5 was the only candidate for not transferring the password in cleartext during authentication (and with dovecot cram-md5 requires a special passwd file, which is why I wrote this pam module in the first place). References: [1] <https://en.wikipedia.org/wiki/Challenge?response_authentication>
> On March 26, 2017 at 2:24 PM Steinar Bang <sb at dod.no> wrote: > > > >>>>> Aki Tuomi <aki.tuomi at dovecot.fi>: > > > On 2017-03-25 17:54, Steinar Bang wrote: > >> This is a PAM module that listens for password changes, and will update > >> the MD5 password for a user, in a file that dovecot can read, when the > >> user's password is changed: > >> https://github.com/steinarb/pam_dovecotmd5pwd > >> > >> Caveat emptor! (Works for me...! :-) ) > > > Maybe you could update the PAM module to upgrade user's passwords to > > something safer than MD5? Like SSHA515 or CRYPT-SHA512? =) > > Is it possible to do CRAM[1] with any of these encryption methods? > And, if so: are these encryption methods widely supported by clients? > > The essential part for me was to have something widely supported by > clients, where the password isn't transferred over the wire as part of > the authentication > > The last time I looked cram-md5 was the only candidate for not > transferring the password in cleartext during authentication (and with > dovecot cram-md5 requires a special passwd file, which is why I wrote > this pam module in the first place). > > References: > [1] <https://en.wikipedia.org/wiki/Challenge?response_authentication>Is there some reason you cannot protect your users with TLS/SSL? Using CRAM-MD5 is not very secure option, since you have to store the password in clear text. Plain MD5 is almost plaintext these days. Aki
>>>>> Aki Tuomi <aki.tuomi at dovecot.fi>:> Is there some reason you cannot protect your users with TLS/SSL?I do use SSL. I don't understand what that have to do with the preference of CRAM-MD5 over plain text auth?> Using CRAM-MD5 is not very secure option, since you have to store the > password in clear text. Plain MD5 is almost plaintext these days.I worry less about the security of a password stored in a local file compared to the security of transferring the same password in cleartext over the wire, SSL or not. As for alternatives, google found me SCRAM-SHA-1[1] which is supported by dovecot[2], but google couldn't find me any imap clients supporting it. Kerberos (also listed among the alternatives) would have been really neat, unfortunately private networks and NATing breaks things for Kerberos... maybe IPv6 will revitalize Kerberos...? One can hope. References: [1] <https://en.wikipedia.org/wiki/Salted_Challenge_Response_Authentication_Mechanism> [2] <http://wiki2.dovecot.org/Authentication/Mechanisms#Non-plaintext_authentication>
It is a jolly bad idea to use the same password for both email and system access. On TLS+plaintext, if your passwords are slurped by a python script, all accounts are compromised. Congratulations, the NSA will love you. On the other side of the ocean, however, there are European states where you must disclose the fact, or go to jail. (I tried to protect dovecot passwords with bcrypt, but the mail clients refused it.) Sent from ProtonMail Mobile