similar to: MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN

Displaying 20 results from an estimated 9000 matches similar to: "MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN"

2014 Dec 06
3
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
On 12/06/2014 02:35 AM, Nick Edwards wrote: > On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: >> Hello, >> >> I am wondering which variant is more secure for user authentication and >> password scheme. Basically I am looking at both variants: >> >> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism >> 2) SHA512-CRYPT password
2014 Dec 06
1
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald <h.reindl at thelounge.net>: > >Am 06.12.2014 um 06:56 schrieb Jan Wide?: >> If you add disable_plaintext_auth=yes ssl=required settings, then >> dovecot will drop authentication without STARTTLS. But damage will be >> done, client will send unencrypted (or in this scenario MD5 or SHA512 >> hash)
2014 Dec 06
0
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: > Hello, > > I am wondering which variant is more secure for user authentication and > password scheme. Basically I am looking at both variants: > > 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism > 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism > > In my opinion the option 2)
2014 Dec 06
0
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
Am 06.12.2014 um 06:56 schrieb Jan Wide?: > If you add disable_plaintext_auth=yes ssl=required settings, then > dovecot will drop authentication without STARTTLS. But damage will be > done, client will send unencrypted (or in this scenario MD5 or SHA512 > hash) login/password no, damage will *not* be done STARTTLS happens in context of connect and *log before* any authentication is
2013 Dec 25
1
SHA512-CRYPT scheme fails password verification
Hello, If I try to use the crypt schemes provided by libc. I fail as follows: jnikula at jlaptop:~/$ doveadm pw -s SHA512-CRYPT -p 123456 {SHA512-CRYPT}$6$to2umWLDtqvzS8SV$ZGpBeGNKuUN/2HKG6I2BEAt.Gzrz/y.SZDkos2GT2ik8obnp3XCFWfVsKVriJa6jjHULmLIqCSSyaF5YrTH7u. jnikula at jlaptop:~/$ doveadm pw -t
2014 Aug 12
3
doveadm pw with SHA512-CRYPT won't roundtrip
Hi, Not sure if this is a PBKAC or not:- root at ds3:/usr/share/postfixadmin# doveadm pw -s SHA512-CRYPT -p password {SHA512-CRYPT}$6$aUgGXP0UshkMj7hY$9JV4yMRsjIe/98CzmglYrMjf.9NJ.FXzxcLE9B0v3doCRUWo2wRncc6hg6VCs0DCUHQbeC/bRDZdGCge/nB/h/ root at ds3:/usr/share/postfixadmin# doveadm pw -t
2014 Dec 14
2
Can't save to folders
When I login through imap, I can see everything in ~/mail/ just fine. I cannot save to any of them. If I have an autocreate-autosubscribe folder (ZZZ here), it shows up as empty (correct). Then if I save something to it through imap, a file ~/mail/ZZZ appears, but nothing actually gets saved to it. David Griffith dave at 661.org ===begin quote=== # 2.1.7: /etc/dovecot/dovecot.conf # OS:
2018 Mar 10
3
dovecot sha512-crypt database storage
Hello, I've got dovecot authenticating to a MySQL database. I've got a field varchar(128) called password. Whenever I create a password I use doveadm pw as in: doveadm pw -s sha512-crypt now i'd like to get MySQL to make a dovecot-specific password. My goal is to eventually have roundcube's password plugin working with this MySQL database to change the password. Thanks. Dave.
2019 Jun 20
1
Help on CRAM-MD5
Le 20/06/2019 ? 11:59, @lbutlr via dovecot a ?crit?: > On 20 Jun 2019, at 02:53, FUSTE Emmanuel via dovecot <dovecot at dovecot.org> wrote: >> There is plenty of context where TLS is not possible/desirable. > I?d say that is terrible advice. There are no reasonable contexts where is it is acceptable to send mail credentials without encryption. My users have had to use STARTTLS
2015 May 01
1
Fatal: Unknown scheme: SHA512-CRYPT. On a Mac-mini
Running postfix+dovecot+mysql on a mac-mini, and trying to solve this puzzle. Is this a Mac issue?, a MySQL issue? or something I haven't configured in? You can see from the output of the samples shows in the first case, that SHA512-CRYPT seems to be Unknown. The code I used is from a Linux based tutorial on setting up Postfix+Dovecot+MySQL on a site. Everything is generally going ok, apart
2015 Jun 04
2
Testing SHA512-CRYPT password hashes with doveadm pw -t fails
Hi, I use Debian jessie with Dovecot 2.2.13-11. While writing a script for Horde to change the passwords in my passwd file I noticed doveadm pw -t fails for SHA512-CRYPT: # doveadm pw -s SHA1 -p test {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= # doveadm pw -t {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= -p test {SHA1}qUqP5cyxm6YcTAhz05Hph5gvu9M= (verified) # doveadm pw -s SHA512-CRYPT -p test
2014 Dec 03
4
Replication sieve scripts.
Hi, according to changelog 2.2.rc3, dsync should replicate sieve scripts. Do I need turn on or switch some option(s), for this to work? Replication of mailboxes works great, only sieve scripts not. root at mail-1-proidea ~ # dpkg -l dovecot* | grep ^ii ii dovecot-core 2:2.2.15-1~auto+0 amd64 secure POP3/IMAP server - core files ii dovecot-imapd
2008 Jun 01
2
Requested CRAM-MD5 scheme, but we have only MD5-CRYPT
After upgrading my dovecot installation about a month ago, I have started seeing "Requested CRAM-MD5 scheme, but we have only MD5-CRYPT" message from dovecot in my logs. Any help in finding and correcting the cause will be greatly appreciated. --Richard
2010 Aug 07
1
dovecot.conf: mechanisms = plain login cram-md5 | Windows Live Mail: CRAM-MD5 authentication failed. This could (NOT) be due to a lack of memory on your system
/etc/dovecot.conf: auth default { mechanisms=plain login cram-md5 passdb { #.............. Windows Live Mail: CRAM-MD5 authentication failed. This could be due to a lack of memory on your system. Your IMAP command could not be sent to the server, due to non-network errors. This could, for example, indicate a lack of memory on your system. Configuration: Account: Sheltoncomputers
2009 Jun 22
1
CRAM-MD5 authentication but plain-md5 password storage.
Hi all, Got a question on configuring dovecot, I'm still new at this so I might be doing this all wrong. I want dovecot to authenticate the mail client using CRAM-MD5 so I've setup the config in dovecot.conf: auth default { mechanisms = cram-md5 passdb sql { # Path for SQL configuration file, see doc/dovecot-sql-example.conf args = /etc/dovecot/dovecot-sql.conf
2019 Jun 18
4
Help on CRAM-MD5
Howdy, I'm using dovecot and mysql users, and i'm creating the password with: ENCRYPT('some-passwd',CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) So far so good, everything's fine. Today saw that i didn't enabled CRAM-MD5, but if I do, and the (at least) IMAP client (roundcube/thunderbird/etc) issues CRAM-MD5 it doesn't authenticate. What am i doing wrong, or
2010 Sep 23
1
Plain-Text & CRAM-MD5
Hi there, I'm currently running my auth against CRAM-MD5 only. But I face problems with customers who apparently have smart phones which ONLY support plain-text authentification ;( Bad - I know, but what should I do ... ;/ So my question now is: Is it possible to run CRAM-MD5 as well as Plain-Text auth together with Postfix if Postfix is using Dovecot's SASL auth service? Cause
2008 Apr 11
1
CRAM-MD5 Password Generation Algorithm
Hi, I'm just in the middle of setting up dovecot to serve IMAPS -- Actually I've finished apart from one thing: CRAM-MD5 passwords. I'm using SQL as a backend for the password storage, and I don't want to store the passwords in plaintext. I've also configured dovecot to be rather restrictive when it comes to authentication methods (only CRAM-MD5 is allowed). To generate the
2018 Apr 23
2
question about using cram-md5 login passwords
hello dovecot community, question; if my user database and dovecot installation is currently setup to use plain login passwords, and i want to convert to cram-md5, after i configure dovecot accordingly and reset passwords into cram-md5, if anyone uses plain login method again in the future, will it still work? or must they always from this point on use encrypted passwords? Thanks. -- Thanks,
2006 Jun 13
1
Plain and MD5 passwd for the same user?
Hello, I'm running dovecot 1.0-0_12.beta8. Since I have only a very small number of user on that server, I have their names and password in text files, no databases. imap works both via webmail and via Kmail Is it possible to have, for the same user, a plain unencrypted password when connecting via imap on the local interface (needed, as I understand it, to be squirrelmail compatible) and a