search for: crypting

>> Maybe, Dovecot could just add support for BLF-CRYPT by using the open source implementation of Blowfish hashing found in https://github.com/php/php-src/tree/master/ext/standard <https://github.com/php/php-src/tree/master/ext/standard>. The implementation looks like a single function to generate the hash. I?m not much of a programmer, but it would seem to me that these .c/.h files

> I would love to know why your ubuntu 14.04 system doesn't support sha512-crypt. I just tried SHA512-CRYPT and it is supported on Ubuntu 14.04. I think I was thinking about DBMail instead of Dovecot. I could really use support for BLF-CRYPT since my current password hashes generated by PHP are using Blowfish encryption. Maybe, Dovecot could just add support for BLF-CRYPT by using the

(I subscribed to a daily digest for this list and can?t figure out how to reply to a reply.) Anyway, Aki Tuomi replied to my feature request saying: > We support in latest 2.2 release > > MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN > CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5 > PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY

> Changing your php app will probably be the easiest solution. Since I?m using Docker, the easiest solution for me is to find a linux distro that can run Dovecot well and supports BLF-CRYPT as well. What Linux distros support BLF-CRYPT and are well tested and secure? > On Jun 5, 2016, at 8:54 PM, Edgar Pettijohn <edgar at pettijohn-web.com> wrote: > > On 16-06-05 20:36:35, KT

glibc 2.27 removes crypt(3) and suggests using libxcrypt. libxcrypt requires <crypt.h> to be included. --- customize/Makefile.am | 1 + customize/crypt-c.c | 4 ++++ m4/guestfs-misc-libraries.m4 | 27 +++++++++++++++++++-------- 3 files changed, 24 insertions(+), 8 deletions(-) diff --git a/customize/Makefile.am b/customize/Makefile.am index b4ec9286a..a22e25c46 100644

Running postfix+dovecot+mysql on a mac-mini, and trying to solve this puzzle. Is this a Mac issue?, a MySQL issue? or something I haven't configured in? You can see from the output of the samples shows in the first case, that SHA512-CRYPT seems to be Unknown. The code I used is from a Linux based tutorial on setting up Postfix+Dovecot+MySQL on a site. Everything is generally going ok, apart

That's not SHA512-CRYPT. That's just a simple sha512 of the password, without salt. A SHA512-CRYPT password will be generated with: printf "1234\n1234" | doveadm pw -s SHA512-CRYPT or: doveadm pw -s SHA512-CRYPT -p 1234 or: mkpasswd -m sha-512 1234 (without the "{SHA512-CRYPT}" prefix) What exactly is the difficulty you are having with converting the passwords?

In particular glibc's crypt will return NULL / errno == ENOSYS and other implementations might do that in future too. --- customize/crypt-c.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/customize/crypt-c.c b/customize/crypt-c.c index d5425cfaa..e358018cd 100644 --- a/customize/crypt-c.c +++ b/customize/crypt-c.c @@ -21,6 +21,7 @@ #include <stdio.h> #include

Hello all, Hoping someone can help me out here. I''ve burned almost a week trying to figure out how to decrypt an image file that has been encrypted using Blowfish CBC. I found some code on the net and have modified as follows: require ''openssl'' require ''digest/sha1'' ivArr = [0x0D, 0x0E, 0x0A, 0x0D, 0x0F, 0x0A, 0x0C, 0x0E ]

Greetings, this is less of a bug report or a help request, but we would like to know if someone can explain the following: Environment: Centos 7 with Dovecot 2.3.4-2 default_pass_scheme = BLF-CRYPT password hash in database : BLF-CRYPT login = works default_pass_scheme = SHA512 or SHA256-CRYPT password hash in database : BLF-CRYPT login = also works default_pass_scheme = BLF-CRYPT password

Hello, I have a few questions on password schemes. Is SHA512 the most secure? Is there a difference between SHA512 and SHA512-CRYPT? What about SSHA512 and SSH512-CRYPT? Is there a problem with this sql statement: UPDATE virtual_users SET password=CONCAT(?{SHA256-CRYPT}?, ENCRYPT (?Password Goes Here?, CONCAT(?$5$?, SUBSTRING(SHA(RAND()), -16)))) WHERE user=?user at example.com?; I'm

> You could configure default scheme as CRYPT. It covers these all. Otherwise > you need to make sure passwords have {SCHEME} prefix when it differs from > default or oddities occur. --- Thank you for the tip with CRYPT. Is there any explanation for this behaviour though? Why are BCRYPT hashes accepted when default_pass_scheme is set to SHA512-CRYPT and not vice versa? Is this

I can't seem to get the verbose mode of time working.? I am trying to compare the compute cost of sha256-crypt to sha512-crypt: time doveadm pw -s sha256-crypt -p secret real??? 0m0.128s user??? 0m0.081s sys???? 0m0.040s time doveadm pw -s sha512-crypt -p secret real??? 0m0.162s user??? 0m0.105s sys???? 0m0.047s But all attempts to add --verbose fail: time --verbose doveadm pw -s

on a FreeBSD 11.2 amd64 machine, I am trying to get Dovecot 2.3.4 to play nice with "argonid" encryption. In the "10-auth.conf" file, I tried: auth_mechanisms = plain argon2id Upon restarting dovecot, I received an error message when attempting to actually it: auth: FATAL: Unknown authentication mechanism "ARGON2ID" Output from doveadm pw -l doveadm pw -l SHA1

Hi, I want to write some php code that users can change there dovecot password via a roundcube plugin. I'm using php function crypt(...) to generate the hashes and everything works well so far. I'm using doveadm pw to generate testhashes e.g.: srv:~ # doveadm pw -r 5 -s BLF-CRYPT -p abc {BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y I expected an

Problem: Using MySQL storage for the user and password db with MD5-CRYPT hashes, Dovecot fails to successfully authenticate when the MD5-CRYPT or MD5 settings are specified as default_pass_scheme in dovecot-mysql.conf. Dovecot /does/ successfully authenticate against MD5-CRYPT hashes when default_pass_scheme is set to CRYPT, which according to the docs should be DES encryption. (I do not

I've decided that having users supply cleartext passwords for me to encrypt and encode is a bad idea, anyway. So maybe I won't need dovecotpw. The idea is that users supply an already-encrypted password. Most of the users can fetch their login password from /etc/shadow on their own computer. Wiki page http://wiki.dovecot.org/Authentication/PasswordSchemes indicates that scheme name

Hello, Thanks for the explanation. So should I go with SSHA512 or SHA512-CRYPT? From your explanation i'm interpreting to mean that SHA512-CRYPT also salts. This is for storing in a mysql database. Also, what should the password field length and type be set for? Currently it's varchar(128) Thanks. Dave. On 4/29/17, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > >> On April

On 7.3.2019 14.00, Kristijan Savic - ratiokontakt GmbH wrote: >> You could configure default scheme as CRYPT. It covers these all. Otherwise >> you need to make sure passwords have {SCHEME} prefix when it differs from >> default or oddities occur. --- > Thank you for the tip with CRYPT. > > Is there any explanation for this behaviour though? > > Why are BCRYPT

Hello, If I try to use the crypt schemes provided by libc. I fail as follows: jnikula at jlaptop:~/$ doveadm pw -s SHA512-CRYPT -p 123456 {SHA512-CRYPT}$6$to2umWLDtqvzS8SV$ZGpBeGNKuUN/2HKG6I2BEAt.Gzrz/y.SZDkos2GT2ik8obnp3XCFWfVsKVriJa6jjHULmLIqCSSyaF5YrTH7u. jnikula at jlaptop:~/$ doveadm pw -t