similar to: Problems in auth when switching from PLAIN-MD5

Displaying 20 results from an estimated 3000 matches similar to: "Problems in auth when switching from PLAIN-MD5"

2015 Jan 10
5
Moving or "upgrading" from MD5 to SSHA512
Hello, world! I have a long-running Dovecot & Postfix installation using PostgreSQL back-end. Until now I've been using MD5 hashing but would like to "upgrade" to the salted SSHA512. Is there a way to configure Dovecot so that it would automatically detect the type of the hash stored in the database, so that users who have changed their password (and thus being hashed with
2007 Jan 24
1
default_pass_scheme = PLAIN-MD5 dont work :(
I config postfix+mysql+dovecot for SASL SMTP autentication. It works if set: default_pass_scheme = PLAIN and store plain-text password in mysql I'm change default_pass_scheme = PLAIN with default_pass_scheme = PLAIN-MD5 an store password in mysql with md5('passwd') and dovecotpw -s PLAIN-MD5 -p test {PLAIN-MD5} and md5("test") = 098f6bcd4621d373cade4e832627b4f6 but
2009 Jun 22
1
CRAM-MD5 authentication but plain-md5 password storage.
Hi all, Got a question on configuring dovecot, I'm still new at this so I might be doing this all wrong. I want dovecot to authenticate the mail client using CRAM-MD5 so I've setup the config in dovecot.conf: auth default { mechanisms = cram-md5 passdb sql { # Path for SQL configuration file, see doc/dovecot-sql-example.conf args = /etc/dovecot/dovecot-sql.conf
2007 Feb 07
1
PLAIN-MD5 password scheme with salt?
Hello! I'm storing passwords as MD5 hashes in a MySQL database and have specified "default_pass_scheme = PLAIN-MD5" in dovecot-sql.conf. Can Dovecot append or prepend a salt to a password before hashing them? Because without salt the plaintext passwords can be restored from the MD5 hashes using rainbow tables. Greetings Steffen Weber
2007 Feb 21
1
login and plain-md5 in sql query
i use last dovecot rc23 with users/passwords in mysql 1) How can i define a sql query for each auth mechanism ? 2)Why i can't set "default_pass_scheme = login" in my dovecot-sql.conf? : dovecot: Feb 21 09:46:22 Info: auth(default): client in: AUTH 1 PLAIN service=IMAP secured lip=127.0.0.1 rip=127.0.0.1 resp=AGFkaUBhZHJpYW4uZXUAcGFyb2xh dovecot: Feb 21
2010 Aug 07
1
dovecot.conf: mechanisms = plain login cram-md5 | Windows Live Mail: CRAM-MD5 authentication failed. This could (NOT) be due to a lack of memory on your system
/etc/dovecot.conf: auth default { mechanisms=plain login cram-md5 passdb { #.............. Windows Live Mail: CRAM-MD5 authentication failed. This could be due to a lack of memory on your system. Your IMAP command could not be sent to the server, due to non-network errors. This could, for example, indicate a lack of memory on your system. Configuration: Account: Sheltoncomputers
2008 Jul 08
2
Dovecot CRAM-MD5 & DIGEST-MD5
Hello all. Im try to make a SMTP Auth using Docecot SASL. Im use swaks for tests. Im store users in LDAP. As im understand for CRAM & DIGEST MD5 we need to store pass in a clear text?... Ok. mail: admin3 at domain.off userPassword: 123 <- Clear text What im do %swaks -a CRAM-MD5 -au admin3 at domain.off -ap 123 To: admin3 at domain.off === Trying mx.domain.off:25... === Connected to
2010 May 04
1
Glusterfs and Xen - mount option
Hi, I've installed Gluster Storage Platform on two servers (mirror) and mounted the volume on a client. I had to mount it using "mount -t glusterfs <MANAGEMENT_SERVER>:<VOLUMENAME-ON-WEBGUI>-tcp <MOUNTPOINT>" because I didn't had a vol file and couldn't generate one with volgen because we don't have shell access to the gluster server right? How can
2020 Mar 17
8
Headsup on feature removal
Hi! Dovecot is now a nearly 20 year old product, and during that time it has accumulated many different features and plugins in its core repository. We are starting to gradually remove some of these parts, which are unused, untested or deprecated. We will provide advance notification before removing anything. To start, the following features are likely to be removed in next few releases of
2020 Mar 17
8
Headsup on feature removal
Hi! Dovecot is now a nearly 20 year old product, and during that time it has accumulated many different features and plugins in its core repository. We are starting to gradually remove some of these parts, which are unused, untested or deprecated. We will provide advance notification before removing anything. To start, the following features are likely to be removed in next few releases of
2015 Jan 10
0
Moving or "upgrading" from MD5 to SSHA512
On 1/9/2015 4:07 PM, Jyri Hovila [Turvamies.fi] wrote: > Hello, world! > > I have a long-running Dovecot & Postfix installation using PostgreSQL > back-end. > > Until now I've been using MD5 hashing but would like to "upgrade" to > the salted SSHA512. > > Is there a way to configure Dovecot so that it would automatically > detect the type of the hash
2020 Mar 18
2
Headsup on feature removal
<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Those plugins can be resurrected with simple `git revert`. </div> <div> <br> </div> <div> Are you planning on open sourcing your client id authetication plugin? </div> <div> <br> </div>
2013 Aug 28
2
Log successful login plain text password
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone, I want to use dovecot as a IMAP and POP3 proxy in front of our current E-Mail hosting server to log the plain text passwords of all successful logins for migration reasons. Actually I don't need the password to see in plain text, storing them as SHA256-CRYPT (or something dovecot can use later for auth) hash in a file or DB would be
2020 Mar 18
3
Headsup on feature removal
So I am on of the many users with qmail, and using vpopmail auth, I guess chatting with some other guys in the other mailing list we will convert to mysql driver but this is a lot of work for many people. I do understand dropping things out but a valid solutions needs to be proposed. Remo > On Mar 18, 2020, at 06:49, Michael Peddemors <michael at linuxmagic.com> wrote: > >
2015 Feb 12
0
Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password
When using CRYPT to encrypt the password, you must put the following in dovecot-sql.conf.ext default_pass_scheme = CRYPT I hope this can help more people, in addition to leave you as I did my query: password_query = \ SELECT password \ FROM users WHERE login = '%u -- editor de sue?os
2006 Oct 20
1
md5 password storage
Hi List. I've got a dovecot running with mysql. All my users data are there. But I intend to use MD5 instead of clear passwords at MySQL. Someone can help-me? []s; Andrey Here's my dovecot-mysql.conf: # Dovecot queries db_host = localhost db_unix_socket = /var/lib/mysql/mysql.sock db_port = 3306 db = mail db_user = my_conn_user db_passwd = my_conn_passwd # # Pehapes i need to
2009 Feb 16
1
LDAP, MD5-CRYPT, invalid credentials, BUG or config issue?
Hi, I read a lot of howto's and I got problems with LDAP and Dovecot to work together. I'm using: Gentoo Linux 2008.0 hardened Dovecot 1.1.7 Kernel 2.6.26 OpenLDAP 2.3.43 My dovecot-ldap.conf is: uris = ldaps://auth.mydomain.com:636 auth_bind = yes auth_bind_userdn = uid=%u,ou=People,dc=mydomain,dc=com ldap_version = 3 base = ou=People,dc=mydomain,dc=com deref = never scope = subtree
2004 Dec 31
4
PLAIN-MD5 passwords?
After I found out that {CRYPT} doesn't support passwords longer than 8 characters, I decided to switch over to MD5 for user passwords in my LDAP database. However, while I have no problem with Postfix + SASL, Dovecot fails to authenticate. Relevant bits from /etc/dovecot-ldap.conf: user_attrs = mailAddress,,,,, # The search string is identical to what's found in /etc/saslauthd.conf:
2020 Mar 19
2
[Dovecot-news] Headsup on feature removal
Hi! We appreciate the feedback we have received from everyone, and we have discussed it internally. The features we are removing are deprecated and should not have been used anymore. They all have alternatives that work equally well if not better. For the authentication drivers, you can use passwd, pam and Lua as replacements for most of them. Lua in particular allows good integration with just
2017 Jan 25
2
Moving to new password scheme
> On Jan 25, 2017, at 1:09 AM, Alessio Cecchi <alessio at skye.it> wrote: > > Il 24/01/2017 23:29, @lbutlr ha scritto: >> dovecot is setup on a system with MD5-CRYPT password scheme for all users, and I would like to update this to something that is secure, probably SSHA256-CRYPT, but I want to do this seamlessly without the users having to jump through any hoops. >>