On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote:> > > On 17.2.2019 10.46, Aki Tuomi via dovecot wrote: >> >>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < >>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote: >>> >>> >>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot < >>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> >>> wrote: >>> >>>> Jean-Daniel Dupas via dovecot wrote: >>>> > >>>> > >>>> >> Le 13 f?vr. 2019 ? 14:54, Robert Moskowitz via dovecot >>>> >> < dovecot at dovecot.org <mailto:dovecot at dovecot.org> <mailto: >>>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>>> a ?crit : >>>> >> >>>> >> >>>> >> >>>> >>>> >>> ARGON2 support is added in dovecot v2.3. It also needs to be >>>> enabled >>>> >>> when compiling dovecot, so varying from packagers it might or >>>> not be >>>> >>> available. The CRYPT ones are available if crypt(3) supports >>>> them. In >>>> >>> dovecot v2.3 we have added bcrypt support regardless of crypt(3) >>>> support. >>>> >> >>>> >> CentOS7 is on dovecot 2.2.36: >>>> >> >>>> >> # doveadm pw -s ARGON2-CRYPT -p secret >>>> >> Fatal: Unknown scheme: ARGON2-CRYPT >>>> >> # doveadm pw -s ARGON2 -p secret >>>> >> Fatal: Unknown scheme: ARGON2 >>>> >> >>>> >> I tend to stay with the distro's rpms and not take on building and >>>> >> maintaining myself. >>>> > >>>>> And for the record, the hash names are ARGON2I and ARGON2ID (see >>>>> doveadm >>>>> pw -l ) >>>>> With dovecot from the dovecot.org < http://dovecot.org> repo: >>>>> # doveadm pw -s ARGON2I -p secret >>>> {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$bt96TSr3nVrho2SRhnNP0A$h7LYiqkw/4s6d1d+0Xpe+VUE3aISPnkYq/R7QqPRntk >>>> >>>> Also from dovecot.org < http://dovecot.org> repo: >>>> doveadm pw -s ARGON2I -p secret >>>> Fatal: Unknown scheme: ARGON2I >>>> ???? >>>> Marc >>> >>> It works for me over here: >>> >>> [wash at waridi ~]#/opt/dovecot2.3/bin/doveadm pw -s ARGON2I -p secret >>> {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$9pggnQBea9F3h3O31HoJEA$0zZZgwEuMRVZ3Mc/v6ckpalzVRVCr+GLBWnb8OrgsxU >>> >>> >>> >>> -- >>> Best regards, >>> Odhiambo WASHINGTON, >>> Nairobi,KE >>> +254 7 3200 0004/+254 7 2274 3223 >>> "Oh, the cruft.", grep ^[^#] :-) >> >> I'll check next week if and why argon is missing from ce packages. >> --- >> Aki Tuomi > > Marc, > > ARGON2 is supported only on Debian Stretch and Ubuntu 18 for dovecot, > due to libsodium. >libsodium does not help with CentOS7 and Dovecot 2.3: ? Installing : libsodium-1.0.17-1.el7.armv7hl?????????????????????????????? 1/1 ? Verifying? : libsodium-1.0.17-1.el7.armv7hl?????????????????????????????? 1/1 Installed: ? libsodium.armv7hl 0:1.0.17-1.el7 Complete! [root at klovia ~]# doveadm pw -s ARGON2I -p secret Fatal: Unknown scheme: ARGON2I [root at klovia ~]# doveadm pw -l MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5 PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY RPA PBKDF2 CRYPT SHA256-CRYPT SHA512-CRYPT Previously installed argon2: grep -n argon /var/log/yum.log* /var/log/yum.log:128:Feb 13 09:01:01 Installed: libargon2-20161029-2.el7.armv7hl /var/log/yum.log:129:Feb 13 09:01:01 Installed: argon2-20161029-2.el7.armv7hl -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20190220/ee964bd1/attachment-0001.html>
> On 20 February 2019 15:10 Robert Moskowitz via dovecot <dovecot at dovecot.org> wrote: > > > > > > On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote: > > > > > > > > > > On 17.2.2019 10.46, Aki Tuomi via dovecot wrote: > > > > > > > > > > > > > > > > > On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < dovecot at dovecot.org> wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot < dovecot at dovecot.org> > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > Jean-Daniel Dupas via dovecot wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Le 13 f?vr. 2019 ? 14:54, Robert Moskowitz via dovecot > > > > > > > > > > >> < dovecot at dovecot.org <mailto: dovecot at dovecot.org>> a ?crit : > > > > > > > > > > >> > > > > > > > > > > >> > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > >>> ARGON2 support is added in dovecot v2.3. It also needs to be enabled > > > > > > > > > > >>> when compiling dovecot, so varying from packagers it might or not be > > > > > > > > > > >>> available. The CRYPT ones are available if crypt(3) supports them. In > > > > > > > > > > >>> dovecot v2.3 we have added bcrypt support regardless of crypt(3) > > > > > > > > > > support. > > > > > > > > > > >> > > > > > > > > > > >> CentOS7 is on dovecot 2.2.36: > > > > > > > > > > >> > > > > > > > > > > >> # doveadm pw -s ARGON2-CRYPT -p secret > > > > > > > > > > >> Fatal: Unknown scheme: ARGON2-CRYPT > > > > > > > > > > >> # doveadm pw -s ARGON2 -p secret > > > > > > > > > > >> Fatal: Unknown scheme: ARGON2 > > > > > > > > > > >> > > > > > > > > > > >> I tend to stay with the distro's rpms and not take on building and > > > > > > > > > > >> maintaining myself. > > > > > > > > > > > > > > > > > > > > > > And for the record, the hash names are ARGON2I and ARGON2ID (see doveadm > > > > > > > > > > > > pw -l ) > > > > > > > > > > > With dovecot from the dovecot.org < http://dovecot.org> repo: > > > > > > > > > > > # doveadm pw -s ARGON2I -p secret > > > > > > > > > > {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$bt96TSr3nVrho2SRhnNP0A$h7LYiqkw/4s6d1d+0Xpe+VUE3aISPnkYq/R7QqPRntk > > > > > > > > > Also from dovecot.org < http://dovecot.org> repo: > > > > > > > > > doveadm pw -s ARGON2I -p secret > > > > > > > > > > Fatal: Unknown scheme: ARGON2I > > > > > > > > > ???? > > > > > > > > > Marc > > > > > > > > > > > > > > > > > > > > It works for me over here: > > > > > > > > > > > > > > > > > > > > [wash at waridi ~]#/opt/dovecot2.3/bin/doveadm pw -s ARGON2I -p secret > > > > > > > > {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$9pggnQBea9F3h3O31HoJEA$0zZZgwEuMRVZ3Mc/v6ckpalzVRVCr+GLBWnb8OrgsxU > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > Best regards, > > > > > > > > Odhiambo WASHINGTON, > > > > > > > > Nairobi,KE > > > > > > > > +254 7 3200 0004/+254 7 2274 3223 > > > > > > > > "Oh, the cruft.", grep ^[^#] :-) > > > > > > > > > > > > > > > I'll check next week if and why argon is missing from ce packages. > > > > > > --- > > > Aki Tuomi > > > > > > > Marc, > > > > > > ARGON2 is supported only on Debian Stretch and Ubuntu 18 for dovecot, due to libsodium. > > > > libsodium does not help with CentOS7 and Dovecot 2.3: > > Installing : libsodium-1.0.17-1.el7.armv7hl 1/1 > Verifying : libsodium-1.0.17-1.el7.armv7hl 1/1 > > Installed: > libsodium.armv7hl 0:1.0.17-1.el7 > > Complete! > [root at klovia ~]# doveadm pw -s ARGON2I -p secret > Fatal: Unknown scheme: ARGON2I > [root at klovia ~]# doveadm pw -l > MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5 PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY RPA PBKDF2 CRYPT SHA256-CRYPT SHA512-CRYPT > > Previously installed argon2: > > grep -n argon /var/log/yum.log* > /var/log/yum.log:128:Feb 13 09:01:01 Installed: libargon2-20161029-2.el7.armv7hl > /var/log/yum.log:129:Feb 13 09:01:01 Installed: argon2-20161029-2.el7.armv7hl > >Hi! Just installing libsodium is not enough. It's not compiled into dovecot centos7 packages because the libsodium in centos7 (not epel) is not recent enough. Aki
On 2/20/19 8:38 AM, Aki Tuomi wrote:>> On 20 February 2019 15:10 Robert Moskowitz via dovecot <dovecot at dovecot.org> wrote: >> >> >> >> >> >> On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote: >> >> >>> >>> >>> On 17.2.2019 10.46, Aki Tuomi via dovecot wrote: >>> >>> >>>> >>>> >>>>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < dovecot at dovecot.org> wrote: >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot < dovecot at dovecot.org> >>>>> >>>>> wrote: >>>>> >>>>> >>>>> >>>>> >>>>>> Jean-Daniel Dupas via dovecot wrote: >>>>>> >>>>>> >>>>>> >>>>>>>> Le 13 f?vr. 2019 ? 14:54, Robert Moskowitz via dovecot >>>>>> >>>>>>>> < dovecot at dovecot.org <mailto: dovecot at dovecot.org>> a ?crit : >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>>>> ARGON2 support is added in dovecot v2.3. It also needs to be enabled >>>>>> >>>>>>>>> when compiling dovecot, so varying from packagers it might or not be >>>>>> >>>>>>>>> available. The CRYPT ones are available if crypt(3) supports them. In >>>>>> >>>>>>>>> dovecot v2.3 we have added bcrypt support regardless of crypt(3) >>>>>> >>>>>> support. >>>>>> >>>>>> >>>>>>>> CentOS7 is on dovecot 2.2.36: >>>>>> >>>>>> >>>>>>>> # doveadm pw -s ARGON2-CRYPT -p secret >>>>>> >>>>>>>> Fatal: Unknown scheme: ARGON2-CRYPT >>>>>> >>>>>>>> # doveadm pw -s ARGON2 -p secret >>>>>> >>>>>>>> Fatal: Unknown scheme: ARGON2 >>>>>> >>>>>> >>>>>>>> I tend to stay with the distro's rpms and not take on building and >>>>>> >>>>>>>> maintaining myself. >>>>>> >>>>>> >>>>>>> And for the record, the hash names are ARGON2I and ARGON2ID (see doveadm >>>>>>> >>>>>>> pw -l ) >>>>>> >>>>>>> With dovecot from the dovecot.org < http://dovecot.org> repo: >>>>>> >>>>>>> # doveadm pw -s ARGON2I -p secret >>>>>> >>>>>> {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$bt96TSr3nVrho2SRhnNP0A$h7LYiqkw/4s6d1d+0Xpe+VUE3aISPnkYq/R7QqPRntk >>>>> >>>>>> Also from dovecot.org < http://dovecot.org> repo: >>>>> >>>>>> doveadm pw -s ARGON2I -p secret >>>>>> >>>>>> Fatal: Unknown scheme: ARGON2I >>>>> >>>>>> ???? >>>>> >>>>>> Marc >>>>> >>>>> >>>>> >>>>> >>>>> It works for me over here: >>>>> >>>>> >>>>> >>>>> >>>>> [wash at waridi ~]#/opt/dovecot2.3/bin/doveadm pw -s ARGON2I -p secret >>>>> >>>>> {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$9pggnQBea9F3h3O31HoJEA$0zZZgwEuMRVZ3Mc/v6ckpalzVRVCr+GLBWnb8OrgsxU >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> >>>>> Best regards, >>>>> >>>>> Odhiambo WASHINGTON, >>>>> >>>>> Nairobi,KE >>>>> >>>>> +254 7 3200 0004/+254 7 2274 3223 >>>>> >>>>> "Oh, the cruft.", grep ^[^#] :-) >>>> >>>> >>>> >>>> >>>> I'll check next week if and why argon is missing from ce packages. >>>> >>>> --- >>>> Aki Tuomi >>>> >>> >>> Marc, >>> >>> >>> ARGON2 is supported only on Debian Stretch and Ubuntu 18 for dovecot, due to libsodium. >>> >> >> libsodium does not help with CentOS7 and Dovecot 2.3: >> >> Installing : libsodium-1.0.17-1.el7.armv7hl 1/1 >> Verifying : libsodium-1.0.17-1.el7.armv7hl 1/1 >> >> Installed: >> libsodium.armv7hl 0:1.0.17-1.el7 >> >> Complete! >> [root at klovia ~]# doveadm pw -s ARGON2I -p secret >> Fatal: Unknown scheme: ARGON2I >> [root at klovia ~]# doveadm pw -l >> MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5 PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY RPA PBKDF2 CRYPT SHA256-CRYPT SHA512-CRYPT >> >> Previously installed argon2: >> >> grep -n argon /var/log/yum.log* >> /var/log/yum.log:128:Feb 13 09:01:01 Installed: libargon2-20161029-2.el7.armv7hl >> /var/log/yum.log:129:Feb 13 09:01:01 Installed: argon2-20161029-2.el7.armv7hl >> >> > Hi! > > Just installing libsodium is not enough. It's not compiled into dovecot centos7 packages because the libsodium in centos7 (not epel) is not recent enough.It was worth the try....
On 20 Feb 2019, at 06:10, Robert Moskowitz via dovecot <dovecot at dovecot.org> wrote:> > libsodium does not help with CentOS7 and Dovecot 2.3:This is what your HTML message looks like here: <https://www.dropbox.com/s/puwyqle5nwm1c9t/Screen%20Shot%202019-02-20%20at%2007.04.05.png?dl -- the nasty little sound of a sword being unsheathed right behind one at just the point when one thought one had disposed of one's enemies [...] It was that kind of laugh. --Equal Rites
On 2/20/19 9:06 AM, @lbutlr via dovecot wrote:> On 20 Feb 2019, at 06:10, Robert Moskowitz via dovecot <dovecot at dovecot.org> wrote: >> libsodium does not help with CentOS7 and Dovecot 2.3: > This is what your HTML message looks like here: > > <https://www.dropbox.com/s/puwyqle5nwm1c9t/Screen%20Shot%202019-02-20%20at%2007.04.05.png?dl> >Thunderbird 60.4 on Fedora 28....