similar to: Authentication mechanism and Password scheme

Hello, Thanks for the explanation. So should I go with SSHA512 or SHA512-CRYPT? From your explanation i'm interpreting to mean that SHA512-CRYPT also salts. This is for storing in a mysql database. Also, what should the password field length and type be set for? Currently it's varchar(128) Thanks. Dave. On 4/29/17, Aki Tuomi <aki.tuomi at dovecot.fi> wrote: > >> On April

Hello, I have a few questions on password schemes. Is SHA512 the most secure? Is there a difference between SHA512 and SHA512-CRYPT? What about SSHA512 and SSH512-CRYPT? Is there a problem with this sql statement: UPDATE virtual_users SET password=CONCAT(?{SHA256-CRYPT}?, ENCRYPT (?Password Goes Here?, CONCAT(?$5$?, SUBSTRING(SHA(RAND()), -16)))) WHERE user=?user at example.com?; I'm

good day! I'm experiencing problem with pop3 proxying: on backend servers in logs there's director's ip instead of remote's like this: Jun 8 15:21:23 host-01 dovecot: pop3-login: Login: user=<test1 at example.com>, method=PLAIN, rip=192.168.5.102, lip=192.168.5.100, mpid=26170, secured Jun 8 15:32:16 host-01 dovecot: pop3-login: Login: user=<test1 at example.com>,

I'm trying to configure SSHA512 passwords and when testing discovered that they were not working as expected. At first i was using Centos 6.4 which doesn't have the glibc CRYPT newest functions ($6$salt$pass) so had to rollback to the Dovecot format ({SSHA512.HEX}saltedpassword+salt ) but I'm unable to let dovecot authenticate properly. Some logs and details: Apr 16 02:55:37

On 21 Feb 2023, at 10:12 pm, James Brown <jlbrown at bordo.com.au> wrote: > > The new one has Dovecot compiled with same configure options, same configuration files, but fails to authenticate: > > Feb 21 21:51:03 master: Info: Dovecot v2.3.20 (80a5ac675d) starting up for imap, pop3 (core dumps disabled) > Feb 21 21:51:33 auth-worker(11701): Error: conn unix:auth-worker

Hi, since several versions i have the following problem: Actually i am using: dovecot --version 2.2.16 (de2023e630cb) When i try to use doveadm i see the following error: doveadm pw -t {SSHA512}cywDi7p60qc1K0mK4zAC2NrnK86hntGgbQcAh3H9U3WEpZMFk1hj/MYQ81hJouP1FOsF/Jasc1BjzdaPeUU5fYLitEzV -p 1234 Fatal: Couldn't load required plugin /usr/lib/dovecot/modules/lib11_imap_quota_plugin.so:

> On 22/02/2023 07:00 EET James Brown <jlbrown at bordo.com.au> wrote: > > > On 21 Feb 2023, at 10:12 pm, James Brown <jlbrown at bordo.com.au> wrote: > > > > > > > The new one has Dovecot compiled with same configure options, same configuration files, but fails to authenticate: > > > > Feb 21 21:51:03 master: Info: Dovecot v2.3.20

I would go with SHA512-CRYPT, since it is compatible with lots of other things. The field length is static and it contains ascii characters, and it appears to be 118 characters long, but it might be a good idea to use varchar(255) nevertheless, in case you decide to use something else someday. With mysql, you can do mysql> SELECT

Hi, we sync our password from other system by directly setting unicodePwd in samba database file. We would like to drop the insecure hash stored in other system and replace it with something newer and more robust. Documentation on page https://samba.tranquil.it/doc/en/samba_fundamentals/about_password_hash.html#propagating-a-password-change-from-samba-ad-to-an-openldap says "It is now

On 05/01/2023 10:13, Edward Graham via samba wrote: > Hi, > > we sync our password from other system by directly setting unicodePwd in samba database file. We would like to drop the insecure hash stored in other system and replace it with something newer and more robust. > > Documentation on page

Dear Expert, I am having issue with using SSHA512 Password Schemes with my openldap server. I have used doveadm utility to create password and able to verify the same but trying to login to IMAP is failing tried debug the auth part but no success so far. I am using the latest version of dovecot. Please share your views .. Thanks

Hello, world! I have a long-running Dovecot & Postfix installation using PostgreSQL back-end. Until now I've been using MD5 hashing but would like to "upgrade" to the salted SSHA512. Is there a way to configure Dovecot so that it would automatically detect the type of the hash stored in the database, so that users who have changed their password (and thus being hashed with

> On April 29, 2017 at 4:22 AM David Mehler <dave.mehler at gmail.com> wrote: > > > Hello, > > I have a few questions on password schemes. Is SHA512 the most secure? > Is there a difference between SHA512 and SHA512-CRYPT? What about > SSHA512 and SSH512-CRYPT? > > Is there a problem with this sql statement: > > UPDATE virtual_users SET

on a FreeBSD 11.2 amd64 machine, I am trying to get Dovecot 2.3.4 to play nice with "argonid" encryption. In the "10-auth.conf" file, I tried: auth_mechanisms = plain argon2id Upon restarting dovecot, I received an error message when attempting to actually it: auth: FATAL: Unknown authentication mechanism "ARGON2ID" Output from doveadm pw -l doveadm pw -l SHA1

OS environment: Linux qnap-nas 5.10.60-qnap #1 SMP Thu Jan 12 04:39:10 CST 2023 x86_64 GNU/Linux I enabled "auth-passwdfile.conf.ext? in 10-auth.conf #!include auth-deny.conf.ext #!include auth-master.conf.ext #!include auth-system.conf.ext #!include auth-sql.conf.ext #!include auth-ldap.conf.ext !include auth-passwdfile.conf.ext #!include auth-checkpassword.conf.ext #!include

Hi, The args parameter of userdb contains scheme, username format and location of the password file. Please take a look this link https://doc.dovecot.org/configuration_manual/authentication/passwd_file/ For example, mine is: userdb { driver = passwd-file args = username_format=%u /etc/dovecot/imap.passwd } $ head /etc/dovecot/imap.passwd to at localhost.local

Hello, I'm running dovecot 2.0.x on a centos 5.6 machine. This is a new installation, I haven't even opened the firewall to it yet. I was trying to telnet localhost 143 and 110 trying to authenticate a user. I'm getting authentication failure in my maillog but no details. Here's the one line I get in my maillog: May 14 15:33:42 ohio dovecot: pop3-login: Aborted login (auth failed,

Hi all, I'd like to know if it's possible to add a custom field when the authentification is made by users. My boolean custom field will be for example "AllowUser" (false/true). I'm trying to do something like that but it's not working : /user_filter = (&(objectClass=posixAccount)(uid=%u)(objectClass=myclass)(AllowUser=TRUE))/ This is my dovecot/ldap

I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed. I was playing around with different encryption schemes. doveadm pw -l SHA1 SSHA512 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA RPA DES-CRYPT CRYPT SSHA MD5-CRYPT SKEY PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 LANMAN SHA512-CRYPT CLEAR CLEARTEXT SSHA256 NTLM MD5 PBKDF2 SHA256 CRAM-MD5 PLAIN-TRUNC SHA256-CRYPT SMD5 DIGEST-MD5

I am not sure if I understand it correctly, that this configuration is for each user has its mailbox in its home directory. This is not my intention, I have in 10-mail.conf the mailloration configured as: mail_location = maildir:/opt/local/var/spool/dovecot/%u:LAYOUT=fs > On 23 Mar 2023, at 12:37, Duc Anh Do <doducanh2710 at gmail.com> wrote: > > Hi, > > The args parameter