search for: cryptokey

Hi, we have a problem. Command "doveadm mailbox cryptokey" does not work: # doveadm mailbox cryptokey usage: doveadm [-Dv] [-f <formatter>] mailbox <command> [<args>] create [-u <user>|-A] [-S <socket_path>] [-s] [-g <guid>] <mailbox> [...] delete [-u <user>|-A] [-S <socket_path>]...

...u forgot to load mail_crypt plugin. > > mail_plugins = $mail_plugins mail_crypt > With these settings also. # dovecot -n ..... mail_location = mbox:~/mail:INBOX=/var/mail/%u mail_plugins = " mail_crypt" mbox_write_locks = fcntl ..... # service dovecot restart # doveadm mailbox cryptokey usage: doveadm [-Dv] [-f ......... # ls /usr/lib64/dovecot/modules/* | grep mail_crypt /usr/lib64/dovecot/modules/lib05_mail_crypt_acl_plugin.so /usr/lib64/dovecot/modules/lib10_mail_crypt_plugin.so /usr/lib64/dovecot/modules/libfs_mail_crypt.so /usr/lib64/dovecot/modules/doveadm/libdoveadm_mail_...

On 12.01.2017 16:05, Evgeniy Korneechev wrote: > Hi, we have a problem. > Command "doveadm mailbox cryptokey" does not work: > > # doveadm mailbox cryptokey > usage: doveadm [-Dv] [-f <formatter>] mailbox <command> [<args>] > create [-u <user>|-A] [-S <socket_path>] [-s] [-g <guid>] <mailbox> [...] > delete [-u <user>|-A]...

So I believe I generated a key successfully with: 'doveadm mailbox cryptokey generate -u user -UR' because I got the output with the check mark and the Public ID string of characters. However I still can't read the CRYPTED emails when logging in with IMAP.. i'm still getting the following error in the mail log: Error: read() failed: read(/var/vmail/[domain . co...

...irecting my question primary: it is any way to have the dovecot executes a bash script in the time of the mailbox created (lda_mailbox_autocreate)? Also, I notice extra behavior when I do: 1. I creates user in mysql database 2. I confirms it not exists mailbox for user 3. I confirms it not exists cryptokeys for user > root at localhost:/var/vmail# doveadm mailbox cryptokey list -u newuser -U > Folder Active Public ID > root at localhost:/var/vmail# 4. Before create mailbox or cryptokeys for user, I send mail from exist user to new user 5. Postfix Delivers mail to dovecot 6. The dovec...

...o help me in that process, I'm very interested in the doveadm HTTP API. Although the mail_crypt plugin is not referenced in the API, I discovered that it could be accessed all the same, provided some camelCase changes. So far I've been able to generate the following json for the mailbox cryptokey generate command: curl -X POST -H "Authorization: X-Dovecot-API <base64-api-token>" -H "Content-Type: application/json" -d '[["mailboxCryptokeyGenerate",{"user":"<username>","userKeyOnly":true},"tag1"]]' h...

...te_password = %w in (mysql) passdb fields to provide the user's login >>> password as private password. You might want to run it thru some hash, so %{sha1:password} might be >>> a good option. >>> >>> You can change the key password using 'doveadm mailbox cryptokey', this needs to be done every time >>> user changes his password. >>> >>> Also note that if you go down this road, and the user forgets his password, you will not be able to >>> recover the emails without backup copy of the private key. >>> >>&...

...to this address, or login through webmail. I wait more than 1h until something happens, Cf: https://dovecot.org/list/dovecot/2018-September/112763.html If I try to generate keys manually I get this error: ------------------------------------------------------------------------ $ doeveadm mailbox cryptokey generate -u <user> doveadm(<user>): Error: mail_crypt_user_generate_keypair(<user>) failed: mail_crypt_require_encrypted_user_key set, cannot generate user keypair without password or key Folder Public ID x ERROR: mail_crypt_require_encrypted_user_key set, cannot genera...

...mysql) passdb fields to provide the user's login > >>> password as private password. You might want to run it thru some hash, so %{sha1:password} might be > >>> a good option. > >>> > >>> You can change the key password using 'doveadm mailbox cryptokey', this needs to be done every time > >>> user changes his password. > >>> > >>> Also note that if you go down this road, and the user forgets his password, you will not be able to > >>> recover the emails without backup copy of the private key. &...

...n documented https://doc.dovecot.org/admin_manual/post_login_scripting/running-surroundings > Fields returned by userdb lookup with their keys uppercased > (e.g. if userdb returned home, it's stored in HOME). Here generatekeys.sh > #!/bin/bash > if [ `/usr/bin/doveadm mailbox cryptokey list -u "${USER}" -U > /dev/null | wc -l` -lt 2 ]; then > /usr/bin/doveadm -o "plugin/mail_crypt_private_password=${MAIL_CRYPT_PRIVATE_PASSWORD}" mailbox cryptokey generate -u "${USER}" -U > /dev/null > fi > exec "$@" This work!...

Hello, I am using the mail_crypt plugin with Dovecot 2.3 and have issues trying to use a mail crypt private password which contains a percent "%" character as you can see below: $ doveadm -o plugin/mail_crypt_private_password=SomethingWith\%Percent mailbox cryptokey generate -u email at domain.tld -URf doveadm(email at domain.tld): Error: Failed to expand plugin setting mail_crypt_private_password = 'SomethingWith%Percent': Unknown variable '%P' Note here that the percent is escaped with a backslash "\%" in order for the shell not t...

...uly 2, 2019 6:21 PM, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > Hi, you need to escape % with %%. We are aware of a bug affecting when % comes in from some field via userdb, and we are looking into how to fix this. Aki, I was wondering, does this bug also affect the changing of a cryptokey password using this command: $ doveadm mailbox cryptokey password -u email at domain.tld -n NEW%PASSWORD -o OLD%PASSWORD Do I need here also to double the '%' char in the -n (new password) and -o (old password) parameters ?

So when I tried this way I got the following output: user'@'host:~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR user'@'host:~$ And when I tried this way I got the following output: user'@'host:~$doveadm -o plugin/mail_crypt_private_password=desired_password mailbox cryptokey generate -u user -UR Folder Public ID user'@'host:~$ In both cases I sent a new ema...

...TF-8"> </head> <body> <div> It's a known issue that the password will be set to silly value, most likely 'yes'. </div> <div> <br> </div> <div> You should generate the user key during provisioning with `doveadm cryptokey generate -Uu user -n password`. </div> <div> <br> </div> <div> Aki </div> <blockquote type="cite"> <div> On 08/12/2019 16:22 <a href="mailto:uxqex4efpu@elude.in">uxqex4efpu@elude.in</a> wr...

> Can you try > > doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR > > Aki I tried that and got the following: user at host:~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR Folder Public ID user at host:~$ Then I sent a new email to the mail server, and I checked it with m...

Hello all, Does anybody know if this one has been patched? http://thehackernews.com/2016/01/openssh-vulnerability-cryptokeys.html Thanks. Boris.

...ogin to read the email I'm getting a 'Private key not available: Cannot decrypt <...>: error:03070068:bignum routines:BN_mpi2bn:encoding error'. I've tried to list the user key and generate a new keypair two different ways and have gotten the following output: doveadm mailbox cryptokey list -U user output: Folder Active Public ID doveadm mailbox cryptokey generate -u user -U output: Folder Public ID doveadm mailbox cryptokey generate -u user -Uf output: Panic: file doveadm-mail.c: line 405 (doveadm_mail_next_user): assertion failed: (ctx->exit_code !=0) Error: Raw backtrace...

>> Can you try >> >> doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR >> >> Aki > > I tried that and got the following: > > [user at host](https://dovecot.org/mailman/listinfo/dovecot) :~$ doveadm -o plugin/mail_crypt_private_password=desired_password mailbox > cryptokey generate -u user -UR > > Folder Public...

...te_password = %w in (mysql) passdb fields to provide the user's login >>> password as private password. You might want to run it thru some hash, so %{sha1:password} might be >>> a good option. >>> >>> You can change the key password using 'doveadm mailbox cryptokey', this needs to be done every time >>> user changes his password. >>> >>> Also note that if you go down this road, and the user forgets his password, you will not be able to >>> recover the emails without backup copy of the private key. >>> >>&...