similar to: [Bug 1277] Win32 installer will not install against Pythin 2.5

Hi I'd like Dovecot to consume a list of users exported from an external application which stores bcrypted passwords. This has been asked in the past, however, I'm not sure how to read the following reply: > If you are using Dovecot< 2.0 you can also use any of the algorithms > supported by your system's libc. But then you have to prefix the hashes > with {CRYPT} - not

On 7.3.2019 14.00, Kristijan Savic - ratiokontakt GmbH wrote: >> You could configure default scheme as CRYPT. It covers these all. Otherwise >> you need to make sure passwords have {SCHEME} prefix when it differs from >> default or oddities occur. --- > Thank you for the tip with CRYPT. > > Is there any explanation for this behaviour though? > > Why are BCRYPT

Hei Aki! # doveadm pw -t '{BLF-CRYPT}$2y$10$UEm8SR/IuX.ZONebRt40XOKTuZ9bXktYWpGDiLw2h7MTPcnvmuIRK' Enter password to verify: {BLF-CRYPT}$2y$10$UEm8SR/IuX.ZONebRt40XOKTuZ9bXktYWpGDiLw2h7MTPcnvmuIRK (verified) - Great, thanks! -Graham- PS: Sorry I just "posted" to your personal address instead of the list. Aki Tuomi wrote on 06/07/18 23:06: > Hi! > > $2y$ is

https://bugzilla.mindrot.org/show_bug.cgi?id=2611 Bug ID: 2611 Summary: Add support for $2b$ prefixed hashes Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: enhancement Priority: P3 Component: Miscellaneous Assignee: unassigned-bugs at

Hello, does dovecot support bcrypt $2y$ version? (BLF-CRYPT - Blowfish crypt) doveadm pw -s BLF-CRYPT generates a {BLF-CRYPT}$2a$05$....... password. Does this mean that dovecote will not authenticate against a $2y$10$....... password? Thanks in advance, -Graham-

these days many unix-based systems contain crypt() with more than DES support (for instance, MD5 in freebsd/openbsd/netbsd, bcrypt in openbsd/netbsd). we need to use crypt() in libcrypt, not in licrypto, as much as possible. itojun --- configure.ac.orig Tue Jun 25 10:56:47 2002 +++ configure.ac Tue Jun 25 10:57:25 2002 @@ -697,6 +702,9 @@ ) fi +# use libcrypt if there is

> You could configure default scheme as CRYPT. It covers these all. Otherwise > you need to make sure passwords have {SCHEME} prefix when it differs from > default or oddities occur. --- Thank you for the tip with CRYPT. Is there any explanation for this behaviour though? Why are BCRYPT hashes accepted when default_pass_scheme is set to SHA512-CRYPT and not vice versa? Is this

http://bugzilla.mindrot.org/show_bug.cgi?id=1252 Summary: sftp returns 0 when upload is unsuccessful due to a full device Product: Portable OpenSSH Version: 4.2p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp AssignedTo: bitbucket at

> On 29/08/2020 23:49 Yves Goergen <nospam.list at unclassified.de> wrote: > > > Hello, > > I'm setting up a new server and, again, seek for a decently secure (from > a security specialist's POV) way to store and verify user passwords in a > database. Additionally now, GDPR requires me to use a solid > state-of-the-art solution. > > My OS is

> Le 13 f?vr. 2019 ? 14:54, Robert Moskowitz via dovecot <dovecot at dovecot.org> a ?crit : > > > > On 2/13/19 8:30 AM, Aki Tuomi wrote: >> On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote: >>> >>> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote: >>>> >>>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz

https://bugzilla.mindrot.org/show_bug.cgi?id=1377 Summary: getpwuid called twice without pwcopy (percent_expand: NULL replacement) Classification: Unclassified Product: Portable OpenSSH Version: 4.4p1 Platform: ix86 OS/Version: Mac OS X Status: NEW Severity: major Priority: P2

On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote: > > > On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote: >> >> >> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz >> <rgm at htt-consult.com>: >> >>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote: >>>> Am 12.02.2019 um 17:05 schrieb Robert Moskowitz via

http://bugzilla.mindrot.org/show_bug.cgi?id=1267 Summary: PermitOpen - Multiple forwards don't works Product: Portable OpenSSH Version: v4.5p1 Platform: ix86 OS/Version: Cygwin on NT/2k Status: NEW Severity: security Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org

> On 20 February 2019 15:10 Robert Moskowitz via dovecot <dovecot at dovecot.org> wrote: > > > > > > On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote: > > > > > > > > > > On 17.2.2019 10.46, Aki Tuomi via dovecot wrote: > > > > > > > > > > > > > > > > > On 17 February

On 2/13/19 8:30 AM, Aki Tuomi wrote: > On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote: >> >> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote: >>> >>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz >>> <rgm at htt-consult.com>: >>> >>>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:

On 17.2.2019 10.46, Aki Tuomi via dovecot wrote: > >> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < >> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote: >> >> >> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot < >> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> >> wrote: >>

On 2/13/19 8:30 AM, Aki Tuomi wrote: > On 13.2.2019 15.18, Robert Moskowitz via dovecot wrote: >> >> On 2/13/19 1:23 AM, Matthias Fechner via dovecot wrote: >>> >>> Am 13. Februar 2019 00:34:15 schrieb Robert Moskowitz >>> <rgm at htt-consult.com>: >>> >>>> On 2/12/19 6:03 PM, Matthias Fechner via dovecot wrote:

On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot <dovecot at dovecot.org> wrote: > Jean-Daniel Dupas via dovecot wrote: > > > > > >> Le 13 f?vr. 2019 ? 14:54, Robert Moskowitz via dovecot > >> <dovecot at dovecot.org <mailto:dovecot at dovecot.org>> a ?crit : > >> > >> > >> > >> On 2/13/19 8:30 AM, Aki

In case you are interested, https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes By the way, I am bit sceptical that CRYPT-SHA512 is less secure than PBKDF2. CRYPT-SHA512 is not "just" SHA512(salt||password), it does at least 1000 rounds of hashing in similar way as PBKDF2 does. So, what is your reasoning for claiming that PBKDF2 is much secure than CRYPT-SHA512? Also, if you look

On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote: > > > On 17.2.2019 10.46, Aki Tuomi via dovecot wrote: >> >>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot < >>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote: >>> >>> >>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot < >>>