Hello,
I have a question regarding the password field of the passwd-file [1].
According to the wiki, the password field assumes a {SCHEME} of CRYPT when the
{SCHEME} is not prefixed
to this field.
So, a passwd-file like:
user:password: . . .
? is equivalent to:
user:{CRYPT}password: . . .
Does that mean an example passwd-file with NEITHER {SCHEME} or password, like:
user at example.com:: . . . (note no scheme or password specified between
colons)
?means that the user at example.com user does not have any valid crypted
password and therefore the
user at example.com user cannot be authenticated ?
For example, if I use doveadm to create a null CRYPT password:
$ sudo doveadm pw -s CRYPT -p ?? -u user at example.com
? gives the result:
{CRYPT}txR1JRq9140Qk
? which differs from the example password field having NEITHER {SCHEME} or
password, like:
user at example.com:: . . .
? so if I attempt to logon using a null password for user at example.com when
nothing is specified in the
password field for the passwd-file:
/etc/dovecot/passwd
user at example.com:: . . .
$ sudo doveadm auth test user at example.com
password:
passdb: user at example.com auth failed
? it is impossible to logon as user at example.com with ANY PASSWORD and/or a
NULL password ?
Thanks,
- J
Sources:
[1] https://wiki2.dovecot.org/AuthDatabase/PasswdFile
you can add nopassword attribute to the end.
See?https://wiki.dovecot.org/PasswordDatabase/ExtraFields
---Aki TuomiDovecot oy
-------- Original message --------From: J Doe <general at
nativemethods.com> Date: 07/07/2018 02:39 (GMT+02:00) To: dovecot at
dovecot.org Subject: Question about password field in passwd-file
Hello,
I have a question regarding the password field of the passwd-file [1].
According to the wiki, the password field assumes a {SCHEME} of CRYPT when the
{SCHEME} is not prefixed
to this field.
So, a passwd-file like:
??? user:password: . . .
? is equivalent to:
??? user:{CRYPT}password: . . .
Does that mean an example passwd-file with NEITHER {SCHEME} or password, like:
??? user at example.com:: . . . (note no scheme or password specified between
colons)
?means that the user at example.com user does not have any valid crypted
password and therefore the
user at example.com user cannot be authenticated ?
For example, if I use doveadm to create a null CRYPT password:
??? $ sudo doveadm pw -s CRYPT -p ?? -u user at example.com
? gives the result:
??? {CRYPT}txR1JRq9140Qk
? which differs from the example password field having NEITHER {SCHEME} or
password, like:
??? user at example.com:: . . .
? so if I attempt to logon using a null password for user at example.com when
nothing is specified in the
password field for the passwd-file:
??? /etc/dovecot/passwd
??????? user at example.com:: . . .
??? $ sudo doveadm auth test user at example.com
??? password:
??? passdb: user at example.com auth failed
? it is impossible to logon as user at example.com with ANY PASSWORD and/or a
NULL password ?
Thanks,
- J
Sources:
??? [1] https://wiki2.dovecot.org/AuthDatabase/PasswdFile
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20180707/b0f57db7/attachment.html>
Apparently Analagous Threads
- 'doveadm expunge' with -A and userdb { driver = passwd }
- auth with passwd file , doublepoint in paasword
- 'doveadm expunge' with -A and userdb { driver = passwd }
- Stopping login via "nologin" parameter
- [RFE] A way to encode passwords in the /etc/imap.passwd file