similar to: dovecotpw documentation

I've decided that having users supply cleartext passwords for me to encrypt and encode is a bad idea, anyway. So maybe I won't need dovecotpw. The idea is that users supply an already-encrypted password. Most of the users can fetch their login password from /etc/shadow on their own computer. Wiki page http://wiki.dovecot.org/Authentication/PasswordSchemes indicates that scheme name

Is there a tool equivalent to the system "passwd" command (or maybe "adduser" or "useradd") that can support a passwd-file by setting a password, encrypting it with the salted MD5 scheme? The system "passwd" command doesn't have an option to "do it to this alternate file instead of /etc/shadow".

Platform is Solaris 8 on a 280R. I'm setting up a new installation of Dovecot, and I ran into some troubles that I've partly tracked down. I setup auth/user dbs with LDAP initially, and things worked well. Passwords are stored as "{crypt}zxcv..." in LDAP. I setup SQL, and began getting this: dovecot: Jan 23 16:37:47 Error: child 8718 (auth-worker) killed with signal 11

I am looking for PHP functions that implement passwords that much the dovecotpw implementation. I downloaded one from PEAR, Crypt_HMAC, but the passwords it generates look nothing like the dovecotpw passwords, which could be my fault because I know nothing about the field. Is there a guide or some library that implements them to match dovecotpw?

Hi, please apply the following patch to dovecotpw. Without this, it will be unusable on powerpc and (maybe) other architectures where the char is unsigned by default. --- dovecot-1.0/src/util/dovecotpw.c (revisione 2066) +++ dovecot-1.0.new/src/util/dovecotpw.c (copia locale) @@ -40,7 +40,7 @@ const char *user = NULL; char *scheme = NULL; char *plaintext = NULL; - char ch; +

Hello, I want to use PostgreSQL to store my Dovecot users. I setup a very basic configuration, following word for word this page http://wiki.dovecot.org/DovecotPostgresql and it works ... almost. In fact, it works if I use PLAIN password scheme in my database. However, I would like to store them encrypted. But, if I replace the password field for my user with {HMAC-MD5}-... (the password

Hi, I need some feedback for the following problem I encountered compiling dovecot. It seems to be a wrong check in configure, that comes out in a fatal error (crypt symbol not found because the -lcrypt is omitted). With these configure parameters no crypt module is recognized (and so the need_crypt variable is still off), but at compile time gcc fails to create executables. I solve the issue

Hello, I just installed dovecot version 2.0.8 from the source tarball. After doing ./configure, make, and make install, I don't have the dovecotpw binary anywhere. It is not in /usr/local/bin or /usr/local/sbin where the other binaries are; I also did a find / for it and don't see it. Is there some configuration flag I'm missing? I read the flags in ./configure --help and nothing

Is there any other mechanism than using passwd files with md5-hashed passwords created by dovecotpw that will support cram-md5 authentication? Has anyone created setups where the passwd databases reside in the individual users home directories? Is it possible to persuade dovecotpw to update the passwd databases automatically. Having to use a text editor to paste in the passwords sets a high

On 2/20/19 3:28 PM, Robert Moskowitz via dovecot wrote: > >> Here's how I configured my roundcube's password plugin to keep things >> together ($roundcubefolder/plugins/password/config.php) >> >> $config['password_algorithm']??????? = 'dovecot'; >> $config['password_algorithm_prefix'] = '{SHA512-CRYPT}'; >>

Hi I would like to simulate dovecot's dovecotpw with a perl script I tried / used use Crypt::SaltedHash; my $csh = Crypt::SaltedHash->new(algorithm => 'SHA-1'); $csh->add($passwd_string); my $salted = $csh->generate; also use Digest::SHA1; use MIME::Base64; $ctx = Digest::SHA1->new; $ctx->add($passwd_string); $ctx->add('salt'); my $salted =

Hi, I'm just in the middle of setting up dovecot to serve IMAPS -- Actually I've finished apart from one thing: CRAM-MD5 passwords. I'm using SQL as a backend for the password storage, and I don't want to store the passwords in plaintext. I've also configured dovecot to be rather restrictive when it comes to authentication methods (only CRAM-MD5 is allowed). To generate the

Hello list, our users are authenticated against ldap-server. anything works fine... dovecot: imap-login: Login: user=<xxx>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured but now we want to use secure passwords and not only plain over ssl. so we configured dovecot to use cram-md5 and configured the ldap-server with CRAM-MD5 passwords. as client we used thunderbird 2.0 and a

Hello, Is this the proper place to suggest an enhancement for the stock dovecot package ? The enhancement would be the following: For the time being, the dovecotpw utility offers a standardised way to interactively encode a user password in a certain scheme, say: dovecotpw -s CRYPT Enter new passord: Re-enter new password: etc. Given a *valid* /etc/imap.passwd file (passwd-file

On 2/20/19 5:09 AM, Yassine Chaouche via dovecot wrote: > On 2/12/19 5:05 PM, Robert Moskowitz via dovecot wrote: >> I have trying to find how to set the dovecot-sql.conf for using >> SHA256/512.? I am going to start clean with the stronger format, not >> migrate from the old MD5.? It seems all I need is: >> [...] default_pass_scheme = SHAxxx-CRYPT [...] > > How

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 25 Jan 2017, @lbutlr wrote: >> On Jan 25, 2017, at 1:09 AM, Alessio Cecchi <alessio at skye.it> wrote: >> >> Il 24/01/2017 23:29, @lbutlr ha scritto: >>> dovecot is setup on a system with MD5-CRYPT password scheme for all users, and I would like to update this to something that is secure, probably

Hi, I've currently got a problem authenticating to my dovecot server (1.0rc15). The server is set up to authenticate against a mysql server, with a default password scheme of 'crypt'. The problem is that some of the passwords I need to transfer (all from /etc/shadow files) are md5 encoded, and when I put {md5-crypt} in front of the password to force the scheme, dovecot answers

Hi all, Got a question on configuring dovecot, I'm still new at this so I might be doing this all wrong. I want dovecot to authenticate the mail client using CRAM-MD5 so I've setup the config in dovecot.conf: auth default { mechanisms = cram-md5 passdb sql { # Path for SQL configuration file, see doc/dovecot-sql-example.conf args = /etc/dovecot/dovecot-sql.conf

On 21 Feb 2023, at 10:12 pm, James Brown <jlbrown at bordo.com.au> wrote: > > The new one has Dovecot compiled with same configure options, same configuration files, but fails to authenticate: > > Feb 21 21:51:03 master: Info: Dovecot v2.3.20 (80a5ac675d) starting up for imap, pop3 (core dumps disabled) > Feb 21 21:51:33 auth-worker(11701): Error: conn unix:auth-worker

I'm getting a lot of entries like this in my log: Apr 16 10:10:18 postamt dovecot: auth(default): shadow(doxxxris,141.42.206.38): CRYPT(wrongpassword) != '$1$qSe71xxx$09MoMqNyll.wPLCdSaFuA0', try MD5-CRYPT scheme instead It seems that changing the password via SquirrelMail (poppasswd) breaks the authentication scheme somewhat. Users cannot log in anymore. -- Ralf Hildebrandt