similar to: Bug in Dovecot 1.0.5 - CRYPT-MD5 not working

Hey all, It seems that dovecot does NOT call vchkpw properly when using vpopmail-style authentication, I can only guess that it reads the vpasswd{,.cdb} files directly. This is indicated by the syslog log for the mail facitily which reads: Jun 30 16:51:30 [vpopmail] vchkpw-smtp: (PLAIN) login success blah at blah.com:24.17.153.137 Jun 30 17:16:25 [pop3-login] Login: blah at blah.com

Hello Everybody, i try to use more than the common: passwd program = /usr/bin/passwd %u what i try to do is a passwd program = /usr/bin/passwd %u && /usr/bin/htpasswd /location/of/file %u it works perfect with /usr/bin/passwd... but i just can?t get it to make an entry to /usr/bin/htpasswd can someone please help me best regards Alex

hello, in which way do you login ? loginuser*masteruser or just masteruser? You have to do the login with loginuser*masteruser masterpass greetings dominik Am Freitag, den 29.05.2015, 10:14 -0400 schrieb Charles Marcus: > Apologies - maybe doveconf -n shows a hint at the problem? > > Maybe it has to do with I'm using the default_realm? But I've tried > adding the user as

Hi everybody - I'm trying to write a Perl wrapper for some rsync tasks that need doing. Problem is, there's some sort of odd interaction going on between Perl and the daemon mode communication for the rsync client, and I'm at my wit's end in trying to figure it out. Here's the Perl script: #####################################################

The reason it fails is because auth process runs out of memory and there is a bug in libsodium which causes it to crash in this scenario. The fix is to do service auth { ? vsz_limit = 0 # or 2G at least } Aki On 26.09.2018 09:12, Keith Amidon wrote: > I'm using dovecot version 2.3.2.1 (0719df592) and trying to use the > ARGON2ID crypt scheme for authentication using the passdb

On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: > Hello, > > I am wondering which variant is more secure for user authentication and > password scheme. Basically I am looking at both variants: > > 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism > 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism > > In my opinion the option 2)

Am 06.12.2014 um 06:56 schrieb Jan Wide?: > If you add disable_plaintext_auth=yes ssl=required settings, then > dovecot will drop authentication without STARTTLS. But damage will be > done, client will send unencrypted (or in this scenario MD5 or SHA512 > hash) login/password no, damage will *not* be done STARTTLS happens in context of connect and *log before* any authentication is

Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald <h.reindl at thelounge.net>: > >Am 06.12.2014 um 06:56 schrieb Jan Wide?: >> If you add disable_plaintext_auth=yes ssl=required settings, then >> dovecot will drop authentication without STARTTLS. But damage will be >> done, client will send unencrypted (or in this scenario MD5 or SHA512 >> hash)

Hello, I am wondering which variant is more secure for user authentication and password scheme. Basically I am looking at both variants: 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism In my opinion the option 2) should be safer although it is using PLAIN auth mechanism. Of course I would always use STARTTLS and

On 12/06/2014 02:35 AM, Nick Edwards wrote: > On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: >> Hello, >> >> I am wondering which variant is more secure for user authentication and >> password scheme. Basically I am looking at both variants: >> >> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism >> 2) SHA512-CRYPT password

For some reason when using -owner -group my files end up being nobody:nobody on the destination..? This is Solaris 9. Jeremy S. Loukinas

I'm using dovecot version 2.3.2.1 (0719df592) and trying to use the ARGON2ID crypt scheme for authentication using the passdb passwd-file driver. My passdb config is very simple: ??? passdb { ????? driver = passwd-file ????? args = username_format=%u <path-to-file-here> ??? } If I generate a password this way: ??? doveadm pw -s ARGON2ID -p 'This is a test' I get a crypt

Hi, I use rsync 2.6.0 version to synchronize 125GB data, I got the following error messages by using the following command: /usr/bin/rsync --rsync-path=/usr/bin/rsync --rsh="/usr/bin/ssh -C" --stats --timeout=43200 -avSH --delete <source path> <dest path> The error messages: io timeout after 43200 seconds - exiting rsync error: timeout in data send/receive (code 30) at

After upgrading my dovecot installation about a month ago, I have started seeing "Requested CRAM-MD5 scheme, but we have only MD5-CRYPT" message from dovecot in my logs. Any help in finding and correcting the cause will be greatly appreciated. --Richard

'afternoon list! I use mysql as userdb, which contains two type of password schemes: DES and MD5-CRYPT. I read there : http://wiki.dovecot.org/Authentication/PasswordSchemes that both are supported by dovecot. Unfortunately, dovecot keeps saying: Not a valid MD5-CRYPT or PLAIN-MD5 password when looking for a user with DES encrypted password. Is dovecot able to recognize password

Hi friends, I am migrating imap-courier to dovecot, I use openbsd+postfix+imap-courier, and now I'm trying to run openbsd+opensmtpd+dovecot. In the beginning it was a little traumante but it works OpenSMTPD correctly. Now I have configured dovecot, and I hope that your backend authorization is the same database that was used imap-courier. In /var/log/maillog receipt the following error

When using CRYPT to encrypt the password, you must put the following in dovecot-sql.conf.ext default_pass_scheme = CRYPT I hope this can help more people, in addition to leave you as I did my query: password_query = \ SELECT password \ FROM users WHERE login = '%u -- editor de sue?os

Here's a strange one. I have Dovecot set up on Solaris 9. The auth portion of the config is straight out of the box. Using PAM. We have most users in a dbm file which is just a series of key/value pairs: key is a username, and value is a string equivalent to a shadow entry. nsswitch.conf entry: passwd files dbm. For historical reasons, some users have a classic 13-character Unix crypt

I'm getting a lot of entries like this in my log: Apr 16 10:10:18 postamt dovecot: auth(default): shadow(doxxxris,141.42.206.38): CRYPT(wrongpassword) != '$1$qSe71xxx$09MoMqNyll.wPLCdSaFuA0', try MD5-CRYPT scheme instead It seems that changing the password via SquirrelMail (poppasswd) breaks the authentication scheme somewhat. Users cannot log in anymore. -- Ralf Hildebrandt

First of all, hello to the list. I'm currently migrating from a /etc/passwd and /etc/shadow based configuration to a MySQL based one using dovecot 99.14 on debian sarge. The problem is that the /etc/shadow containes both DES encoded (Crypt) and md5 based passwords. I've set the default system to be Crypt, and have added {MD5-CRYPT} in front of the md5 passwords in place of the $1$