similar to: Password protection for the simple menu system

The cryptic subject is the outcome of my looking into how to do a particular thing. I wonder if anyone else has solved this problem in a way that hasn't occurred to me. I'm using dovecot 1.1.11 on Ubuntu Server 9.10. I could consider upgrading to my own install of a newer dovecot if it made a difference to this problem. I have two populations of dovecot users. Some users have Unix

Hello, Thanks for the explanation. So should I go with SSHA512 or SHA512-CRYPT? From your explanation i'm interpreting to mean that SHA512-CRYPT also salts. This is for storing in a mysql database. Also, what should the password field length and type be set for? Currently it's varchar(128) Thanks. Dave. On 4/29/17, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > >> On April

I would go with SHA512-CRYPT, since it is compatible with lots of other things. The field length is static and it contains ascii characters, and it appears to be 118 characters long, but it might be a good idea to use varchar(255) nevertheless, in case you decide to use something else someday. With mysql, you can do mysql> SELECT

Correct the order of the parameters for MENU RESOLUTION. Update references. Rewording. Typos. diff U3 /syslinux-6.03/doc/menu.txt /syslinux-6.03-next/doc/menu.txt --- /syslinux-6.03/doc/menu.txt Mon Oct 06 19:27:44 2014 +++ /syslinux-6.03-next/doc/menu.txt Wed Jun 24 01:28:49 2015 @@ -5,35 +5,38 @@ +++ THE ADVANCED MENU SYSTEM +++ The advanced menu system, written by Murali Krishnan

> On April 29, 2017 at 4:22 AM David Mehler <dave.mehler at gmail.com> wrote: > > > Hello, > > I have a few questions on password schemes. Is SHA512 the most secure? > Is there a difference between SHA512 and SHA512-CRYPT? What about > SSHA512 and SSH512-CRYPT? > > Is there a problem with this sql statement: > > UPDATE virtual_users SET

Hello, the wiki says, I can use hashed password for MENU PASSWD: http://www.syslinux.org/wiki/index.php?title=Comboot/menu.c32 (actually the wiki says "encrypted" password, which I think is wrong and misleading) SHA-2-256 (Signature: $5$) It further says, that SHA-2 passwords are compatible with very recent Linux distributions. That is great, but *HOW* do I generate such hashed

Hello, attached is an hg export on top of the current dovecot-2.2 branch, which adds support for a SCRAM-SHA-1 password scheme. Ideally I'd want doveadm pw's rounds flag to apply to this, but that's currently specific to the crypt password scheme, so I left it out for now. Regards, Florian Zeitz -------------- next part -------------- # HG changeset patch # User Florian Zeitz

Fourhundred Thecat via Syslinux <syslinux at zytor.com> writes: > the wiki says, I can use hashed password for MENU PASSWD: > http://www.syslinux.org/wiki/index.php?title=Comboot/menu.c32 > > (actually the wiki says "encrypted" password, which I think is wrong and > misleading) > > SHA-2-256 (Signature: $5$) > > It further says, that SHA-2 passwords are

While rebooting my computer after installing the new kernel a few minutes ago, I got to wondering about how the initial bootup screen (after grub, before rhgb) is constructed. The "Loading kernel blah blah blah" lines start at the top of the screen and proceed to scroll down as one would expect. But "kernel alive" shows up at the bottom of the screen and then more write-up is

Dear all, I send you a new email to know what is the progress of SCRAM-SHA-***(-PLUS) supports? Currently there is only SCRAM-SHA-1: https://doc.dovecot.org/configuration_manual/authentication/password_schemes/. - RFC6331: Moving DIGEST-MD5 to Historic: https://tools.ietf.org/html/rfc6331 - RFC5802: Salted Challenge Response Authentication Mechanism (SCRAM) SASL and GSS-API Mechanisms:

> On 29/08/2020 23:49 Yves Goergen <nospam.list at unclassified.de> wrote: > > > Hello, > > I'm setting up a new server and, again, seek for a decently secure (from > a security specialist's POV) way to store and verify user passwords in a > database. Additionally now, GDPR requires me to use a solid > state-of-the-art solution. > > My OS is

Hi I would like to simulate dovecot's dovecotpw with a perl script I tried / used use Crypt::SaltedHash; my $csh = Crypt::SaltedHash->new(algorithm => 'SHA-1'); $csh->add($passwd_string); my $salted = $csh->generate; also use Digest::SHA1; use MIME::Base64; $ctx = Digest::SHA1->new; $ctx->add($passwd_string); $ctx->add('salt'); my $salted =

Hello, I have a few questions on password schemes. Is SHA512 the most secure? Is there a difference between SHA512 and SHA512-CRYPT? What about SSHA512 and SSH512-CRYPT? Is there a problem with this sql statement: UPDATE virtual_users SET password=CONCAT(?{SHA256-CRYPT}?, ENCRYPT (?Password Goes Here?, CONCAT(?$5$?, SUBSTRING(SHA(RAND()), -16)))) WHERE user=?user at example.com?; I'm

Hello, I'm setting up a new server and, again, seek for a decently secure (from a security specialist's POV) way to store and verify user passwords in a database. Additionally now, GDPR requires me to use a solid state-of-the-art solution. My OS is Ubuntu 20.04, Dovecot version 2.3.7, database backend with PostgreSQL 12. Obviously, storing the plaintext password is a terrible idea.

Gents, I've come across an issue using 4.0.5 -- not sure what I'm doing wrong here, but I've tried a hundred different ways to password protect an entry in one of my pxe menus, but every time I invoke the entry in the menu, it prompts for the password (I've tried using MENU PASSWD xxxx and tried it without, supplying a MASTER PASSWD and a blank MENU PASSWD after both a BEGIN MENU

Hi, I was hoping you could shed some light in usage of the directive MENU HIDDENKEY in syslinux (extlinux 4.04) The docs say: MENU HIDDENKEY key[,key...] command... So, in my conf I have: MENU HIDDENKEY Esc openelec Where openelec is the label of the boot option I want to run only if Esc is pressed. But pressing Esc on boot has no effect. Default is run. So, do I misunderstand the

Hi, I did try that, but then after the boot fails, the menu is displayed ... again... -Mike -----Original Message----- From: Ferenc Wagner [mailto:wferi at niif.hu] Sent: Sunday, February 22, 2015 3:22 PM To: Bradley, Mike Cc: syslinux at zytor.com Subject: Re: [syslinux] Menu too quick "Bradley, Mike via Syslinux" <syslinux at zytor.com> writes: > I'm trying to add a

In case you are interested, https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes By the way, I am bit sceptical that CRYPT-SHA512 is less secure than PBKDF2. CRYPT-SHA512 is not "just" SHA512(salt||password), it does at least 1000 rounds of hashing in similar way as PBKDF2 does. So, what is your reasoning for claiming that PBKDF2 is much secure than CRYPT-SHA512? Also, if you look

The idea of salted hash algorithms is to generate a different hash even if the same text is entered. That can be easily seen with dovecotpw: using NON-salted SHA256, same hash is generated for a given password [root at correio ~]# dovecotpw -s SHA256 -p 123 {SHA256}pmWkWSBCL51Bfkhn79xPuKBKHz//H6B+mY6G9/eieuM= [root at correio ~]# dovecotpw -s SHA256 -p 123

> On 09/05/2013 01:55 AM, Gene Cumm wrote: > > On Wed, Sep 4, 2013 at 2:34 PM, Piotr Karbowski > > <piotr.karbowski at gmail.com> wrote: > > > >> With syslinux (extlinux) it will jump to last INCLUDE'ed menu always, with > >> 5.01 it will display list of elements, then allow me to choose which one I > >> want to enter. > >> >