Anyone? Trying to get master users working. I'm not sure what info would be best, but here's the detail I have now, in trying to get it working. Setup the master user file, and enabled master users in the conf files. Created the master user file and user/password hash. Turned on authentication debug. When I try something like: telnet localhost 143 and then supply the master user login - kind of like this: 1 login joeb*jb-master somepassword I get this in the logs. (Some obfuscation done.) --- dovecot: auth: Debug: auth client connected (pid=24985) dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB#011lip=::1#011rip=::1#011lport=143#011rport=34376#011resp=<hidden> dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Master user lookup for login: joeb dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): lookup: user=jb-master file=/etc/dovecot/masterusers-test dovecot: auth: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Password mismatch dovecot: auth: Debug: client passdb out: FAIL#0111#011user=jb-master --- Yet I can use htpasswd -b -c -s /etc/dovecot/masterusers-test jb-master somepassword And this succeeds. (I created the masterusers-test file with httpasswd) So, I must have the password right, but dovecot is till failing the auth, claiming a bad password. How do I go about getting more detail so I can determine what's wrong? TIA -Greg -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20210128/457a8fba/attachment.html>
Did you try with `doveadm pw -t 'hash-goes-here'`? Sometimes you need to use passdb { driver = passwd-file args = scheme=your-pw-scheme /path/to/file } Note that the path must be placed last. Aki> On 28/01/2021 20:53 Gregory Sloop <gregs at sloop.net> wrote: > > > Anyone? > > > > > > Trying to get master users working. > > I'm not sure what info would be best, but here's the detail I have now, in trying to get it working. > Setup the master user file, and enabled master users in the conf files. > Created the master user file and user/password hash. > > Turned on authentication debug. > When I try something like: > telnet localhost 143 > and then supply the master user login - kind of like this: > 1 login joeb*jb-master somepassword > > I get this in the logs. (Some obfuscation done.) > --- > dovecot: auth: Debug: auth client connected (pid=24985) > dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB#011lip=::1#011rip=::1#011lport=143#011rport=34376#011resp=<hidden> > dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Master user lookup for login: joeb > dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): lookup: user=jb-master file=/etc/dovecot/masterusers-test > dovecot: auth: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Password mismatch > dovecot: auth: Debug: client passdb out: FAIL#0111#011user=jb-master > --- > > Yet I can use > htpasswd -b -c -s /etc/dovecot/masterusers-test jb-master somepassword > And this succeeds. (I created the masterusers-test file with httpasswd) > > So, I must have the password right, but dovecot is till failing the auth, claiming a bad password. > > How do I go about getting more detail so I can determine what's wrong? > > TIA > -Greg > >
Top posting. Following up on this... I can't recall if I ever used the "doveadm pw -t 'hash-goes-here'" method or not. But I did get it working. I was never able to get it to work using the htpasswd utility as suggested in the Wiki. And as noted, htpasswd was able to "verify" the hash in the file it generated - so I know the hash matches the password I intended. Prior to Aki suggesting the doveadm method, I'd actually already done so. I used [IIRC] doveadm pw -s SHA512-CRYPT [I note the hash type, specifically, because I only know that this one hash works, so if there's any question later, from someone else struggling, try this specific one.] After generating the hash, and including it in the file, and restarting/reloading dovecot I can now auth with a master user. I'd recommend that someone either update the docs/wiki after verifying that htpasswd works and how, or remove it from the wiki and leave the doveadm version only. -Greg AT> Did you try with `doveadm pw -t 'hash-goes-here'`? AT> Sometimes you need to use AT> passdb { AT> driver = passwd-file AT> args = scheme=your-pw-scheme /path/to/file AT> } AT> Note that the path must be placed last. AT> Aki>> On 28/01/2021 20:53 Gregory Sloop <gregs at sloop.net> wrote:>> Anyone? >> >> >>>> Trying to get master users working. >> >> I'm not sure what info would be best, but here's the detail I have now, in trying to get it working. >> Setup the master user file, and enabled master users in the conf files. >> Created the master user file and user/password hash. >> >> Turned on authentication debug. >> When I try something like: >> telnet localhost 143 >> and then supply the master user login - kind of like this: >> 1 login joeb*jb-master somepassword >> >> I get this in the logs. (Some obfuscation done.) >> --- >> dovecot: auth: Debug: auth client connected (pid=24985) >> dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB#011lip=::1#011rip=::1#011lport=143#011rport=34376#011resp=<hidden> >> dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Master user lookup for login: joeb >> dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): lookup: user=jb-master file=/etc/dovecot/masterusers-test >> dovecot: auth: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Password mismatch >> dovecot: auth: Debug: client passdb out: FAIL#0111#011user=jb-master >> --- >> >> Yet I can use >> htpasswd -b -c -s /etc/dovecot/masterusers-test jb-master somepassword >> And this succeeds. (I created the masterusers-test file with httpasswd) >> >> So, I must have the password right, but dovecot is till failing the auth, claiming a bad password. >> >> How do I go about getting more detail so I can determine what's wrong? >> >> TIA >> -Greg >>-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20210201/c19b261d/attachment.html>