Displaying 20 results from an estimated 10000 matches similar to: "[Bug 1277] Win32 installer will not install against Pythin 2.5"
2012 Aug 15
1
bcrypt again
Hi
I'd like Dovecot to consume a list of users exported from an external application which stores bcrypted passwords.
This has been asked in the past, however, I'm not sure how to read the following reply:
> If you are using Dovecot< 2.0 you can also use any of the algorithms
> supported by your system's libc. But then you have to prefix the hashes
> with {CRYPT} - not
2019 Mar 07
0
Strange behaviour with BLF-CRYPT and SHA*-CRYPT pasword schemas
On 7.3.2019 14.00, Kristijan Savic - ratiokontakt GmbH wrote:
>> You could configure default scheme as CRYPT. It covers these all. Otherwise
>> you need to make sure passwords have {SCHEME} prefix when it differs from
>> default or oddities occur. ---
> Thank you for the tip with CRYPT.
>
> Is there any explanation for this behaviour though?
>
> Why are BCRYPT
2018 Jul 06
0
support for Blowfish $2y$10$
Hei Aki!
# doveadm pw -t
'{BLF-CRYPT}$2y$10$UEm8SR/IuX.ZONebRt40XOKTuZ9bXktYWpGDiLw2h7MTPcnvmuIRK'
Enter password to verify:
{BLF-CRYPT}$2y$10$UEm8SR/IuX.ZONebRt40XOKTuZ9bXktYWpGDiLw2h7MTPcnvmuIRK (verified)
- Great, thanks!
-Graham-
PS: Sorry I just "posted" to your personal address instead of the list.
Aki Tuomi wrote on 06/07/18 23:06:
> Hi!
>
> $2y$ is
2016 Sep 06
3
[Bug 2611] New: Add support for $2b$ prefixed hashes
https://bugzilla.mindrot.org/show_bug.cgi?id=2611
Bug ID: 2611
Summary: Add support for $2b$ prefixed hashes
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P3
Component: Miscellaneous
Assignee: unassigned-bugs at
2018 Jul 06
1
support for Blowfish $2y$10$
Hello,
does dovecot support bcrypt $2y$ version? (BLF-CRYPT - Blowfish crypt)
doveadm pw -s BLF-CRYPT
generates a
{BLF-CRYPT}$2a$05$.......
password.
Does this mean that dovecote will not authenticate against a
$2y$10$.......
password?
Thanks in advance,
-Graham-
2002 Jun 25
1
use libcrypt before libcrypto
these days many unix-based systems contain crypt() with more than
DES support (for instance, MD5 in freebsd/openbsd/netbsd, bcrypt in
openbsd/netbsd). we need to use crypt() in libcrypt, not in licrypto,
as much as possible.
itojun
--- configure.ac.orig Tue Jun 25 10:56:47 2002
+++ configure.ac Tue Jun 25 10:57:25 2002
@@ -697,6 +702,9 @@
)
fi
+# use libcrypt if there is
2019 Mar 07
2
Strange behaviour with BLF-CRYPT and SHA*-CRYPT pasword schemas
> You could configure default scheme as CRYPT. It covers these all. Otherwise
> you need to make sure passwords have {SCHEME} prefix when it differs from
> default or oddities occur. ---
Thank you for the tip with CRYPT.
Is there any explanation for this behaviour though?
Why are BCRYPT hashes accepted when default_pass_scheme is set to SHA512-CRYPT
and not vice versa? Is this
2006 Oct 20
0
[Bug 1252] sftp returns 0 when upload is unsuccessful due to a full device
http://bugzilla.mindrot.org/show_bug.cgi?id=1252
Summary: sftp returns 0 when upload is unsuccessful due to a full
device
Product: Portable OpenSSH
Version: 4.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sftp
AssignedTo: bitbucket at
2020 Aug 30
0
PBKDF2 password hashing as in ASP.NET Core
> On 29/08/2020 23:49 Yves Goergen <nospam.list at unclassified.de> wrote:
>
>
> Hello,
>
> I'm setting up a new server and, again, seek for a decently secure (from
> a security specialist's POV) way to store and verify user passwords in a
> database. Additionally now, GDPR requires me to use a solid
> state-of-the-art solution.
>
> My OS is
2019 Feb 13
0
Using SHA256/512 for SQL based password
> Le 13 f?vr. 2019 ? 14:54, Robert Moskowitz via dovecot <dovecot at dovecot.org> a ?crit :
>
>
>
> On 2/13/19 8:30 AM, Aki Tuomi wrote:
>> On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote:
>>>
>>> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote:
>>>>
>>>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz
2007 Oct 20
5
[Bug 1377] New: getpwuid called twice without pwcopy (percent_expand: NULL replacement)
https://bugzilla.mindrot.org/show_bug.cgi?id=1377
Summary: getpwuid called twice without pwcopy (percent_expand:
NULL replacement)
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.4p1
Platform: ix86
OS/Version: Mac OS X
Status: NEW
Severity: major
Priority: P2
2019 Feb 13
0
Using SHA256/512 for SQL based password
On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote:
>
>
> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote:
>>
>>
>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz
>> <rgm at htt-consult.com>:
>>
>>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:
>>>> Am 12.02.2019 um 17:05 schrieb Robert Moskowitz via
2006 Dec 05
3
[Bug 1267] PermitOpen - Multiple forwards don't works
http://bugzilla.mindrot.org/show_bug.cgi?id=1267
Summary: PermitOpen - Multiple forwards don't works
Product: Portable OpenSSH
Version: v4.5p1
Platform: ix86
OS/Version: Cygwin on NT/2k
Status: NEW
Severity: security
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
2019 Feb 20
0
Using SHA256/512 for SQL based password
> On 20 February 2019 15:10 Robert Moskowitz via dovecot <dovecot at dovecot.org> wrote:
>
>
>
>
>
> On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote:
>
>
> >
> >
> >
> > On 17.2.2019 10.46, Aki Tuomi via dovecot wrote:
> >
> >
> > >
> > >
> > >
> > > > On 17 February
2019 Feb 13
1
Using SHA256/512 for SQL based password
On 2/13/19 8:30 AM, Aki Tuomi wrote:
> On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote:
>>
>> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote:
>>>
>>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz
>>> <rgm at htt-consult.com>:
>>>
>>>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:
2019 Feb 19
0
Using SHA256/512 for SQL based password
On 17.2.2019 10.46, Aki Tuomi via dovecot wrote:
>
>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot <
>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote:
>>
>>
>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot <
>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>>
>> wrote:
>>
2019 Feb 13
3
Using SHA256/512 for SQL based password
On 2/13/19 8:30 AM, Aki Tuomi wrote:
> On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote:
>>
>> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote:
>>>
>>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz
>>> <rgm at htt-consult.com>:
>>>
>>>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:
2019 Feb 17
0
Using SHA256/512 for SQL based password
On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot <dovecot at dovecot.org>
wrote:
> Jean-Daniel Dupas via dovecot wrote:
> >
> >
> >> Le 13 f?vr. 2019 ? 14:54, Robert Moskowitz via dovecot
> >> <dovecot at dovecot.org <mailto:dovecot at dovecot.org>> a ?crit :
> >>
> >>
> >>
> >> On 2/13/19 8:30 AM, Aki
2020 Aug 30
0
PBKDF2 password hashing as in ASP.NET Core
In case you are interested,
https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes
By the way, I am bit sceptical that CRYPT-SHA512 is less secure than PBKDF2.
CRYPT-SHA512 is not "just" SHA512(salt||password), it does at least 1000 rounds of hashing in similar way as PBKDF2 does. So, what is your reasoning for claiming that PBKDF2 is much secure than CRYPT-SHA512?
Also, if you look
2019 Feb 20
4
Using SHA256/512 for SQL based password
On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote:
>
>
> On 17.2.2019 10.46, Aki Tuomi via dovecot wrote:
>>
>>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot <
>>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote:
>>>
>>>
>>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot <
>>>