Displaying 20 results from an estimated 2000 matches similar to: "Bug in Dovecot 1.0.5 - CRYPT-MD5 not working"
2005 Jun 30
2
Dovecot doesn't use vchkpw properly :(
Hey all,
It seems that dovecot does NOT call vchkpw properly when using
vpopmail-style authentication, I can only guess that it reads the
vpasswd{,.cdb} files directly. This is indicated by the syslog log
for the mail facitily which reads:
Jun 30 16:51:30 [vpopmail] vchkpw-smtp: (PLAIN) login success
blah at blah.com:24.17.153.137
Jun 30 17:16:25 [pop3-login] Login: blah at blah.com
2005 Jun 23
3
Using more than one passwd program
Hello Everybody,
i try to use more than the common:
passwd program = /usr/bin/passwd %u
what i try to do is a
passwd program = /usr/bin/passwd %u && /usr/bin/htpasswd
/location/of/file %u
it works perfect with /usr/bin/passwd...
but i just can?t get it to make an entry to /usr/bin/htpasswd
can someone please help me
best regards
Alex
2015 May 29
1
Enabling Master User for migration
hello,
in which way do you login ?
loginuser*masteruser or just masteruser?
You have to do the login with loginuser*masteruser masterpass
greetings
dominik
Am Freitag, den 29.05.2015, 10:14 -0400 schrieb Charles Marcus:
> Apologies - maybe doveconf -n shows a hint at the problem?
>
> Maybe it has to do with I'm using the default_realm? But I've tried
> adding the user as
2004 May 05
5
rsync and Perl programming
Hi everybody -
I'm trying to write a Perl wrapper for some rsync tasks that need doing.
Problem is, there's some sort of odd interaction going on between Perl
and the daemon mode communication for the rsync client, and I'm at my
wit's end in trying to figure it out.
Here's the Perl script:
#####################################################
2018 Sep 26
0
Can't authenticate using ARGON2ID crypt scheme from doveadm pw w/rounds != default
The reason it fails is because auth process runs out of memory and there
is a bug in libsodium which causes it to crash in this scenario. The fix
is to do
service auth {
? vsz_limit = 0 # or 2G at least
}
Aki
On 26.09.2018 09:12, Keith Amidon wrote:
> I'm using dovecot version 2.3.2.1 (0719df592) and trying to use the
> ARGON2ID crypt scheme for authentication using the passdb
2014 Dec 06
0
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
On 12/5/14, ML mail <mlnospam at yahoo.com> wrote:
> Hello,
>
> I am wondering which variant is more secure for user authentication and
> password scheme. Basically I am looking at both variants:
>
> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism
> 2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism
>
> In my opinion the option 2)
2014 Dec 06
0
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
Am 06.12.2014 um 06:56 schrieb Jan Wide?:
> If you add disable_plaintext_auth=yes ssl=required settings, then
> dovecot will drop authentication without STARTTLS. But damage will be
> done, client will send unencrypted (or in this scenario MD5 or SHA512
> hash) login/password
no, damage will *not* be done
STARTTLS happens in context of connect and *log before* any
authentication is
2014 Dec 06
1
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald <h.reindl at thelounge.net>:
>
>Am 06.12.2014 um 06:56 schrieb Jan Wide?:
>> If you add disable_plaintext_auth=yes ssl=required settings, then
>> dovecot will drop authentication without STARTTLS. But damage will be
>> done, client will send unencrypted (or in this scenario MD5 or SHA512
>> hash)
2014 Dec 05
3
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
Hello,
I am wondering which variant is more secure for user authentication and password scheme. Basically I am looking at both variants:
1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism
2) SHA512-CRYPT password scheme storage with PLAIN auth mechanism
In my opinion the option 2) should be safer although it is using PLAIN auth mechanism. Of course I would always use STARTTLS and
2014 Dec 06
3
MD5-CRYPT/CRAM-MD5 vs SHA512-CRYPT/PLAIN
On 12/06/2014 02:35 AM, Nick Edwards wrote:
> On 12/5/14, ML mail <mlnospam at yahoo.com> wrote:
>> Hello,
>>
>> I am wondering which variant is more secure for user authentication and
>> password scheme. Basically I am looking at both variants:
>>
>> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism
>> 2) SHA512-CRYPT password
2004 Jul 15
3
Rsync not preserving owner/group
For some reason when using -owner -group my files end up being nobody:nobody
on the destination..?
This is Solaris 9.
Jeremy S. Loukinas
2018 Sep 26
2
Can't authenticate using ARGON2ID crypt scheme from doveadm pw w/rounds != default
I'm using dovecot version 2.3.2.1 (0719df592) and trying to use the
ARGON2ID crypt scheme for authentication using the passdb passwd-file
driver. My passdb config is very simple:
??? passdb {
????? driver = passwd-file
????? args = username_format=%u <path-to-file-here>
??? }
If I generate a password this way:
??? doveadm pw -s ARGON2ID -p 'This is a test'
I get a crypt
2004 Apr 14
1
Error msg
Hi,
I use rsync 2.6.0 version to synchronize 125GB data,
I got the following error messages by using the following
command:
/usr/bin/rsync --rsync-path=/usr/bin/rsync --rsh="/usr/bin/ssh -C" --stats --timeout=43200 -avSH
--delete <source path> <dest path>
The error messages:
io timeout after 43200 seconds - exiting
rsync error: timeout in data send/receive (code 30) at
2008 Jun 01
2
Requested CRAM-MD5 scheme, but we have only MD5-CRYPT
After upgrading my dovecot installation about a month ago, I have started
seeing "Requested CRAM-MD5 scheme, but we have only MD5-CRYPT" message
from dovecot in my logs.
Any help in finding and correcting the cause will be greatly appreciated.
--Richard
2010 Jan 20
2
md5_verify(...): Not a valid MD5-CRYPT or PLAIN-MD5 password
'afternoon list!
I use mysql as userdb, which contains two type of
password schemes: DES and MD5-CRYPT.
I read there :
http://wiki.dovecot.org/Authentication/PasswordSchemes
that both are
supported by dovecot.
Unfortunately, dovecot keeps saying: Not a valid
MD5-CRYPT or PLAIN-MD5 password when looking for a user with DES encrypted
password.
Is dovecot able to recognize password
2015 Feb 11
0
Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password
Hi friends,
I am migrating imap-courier to dovecot, I use openbsd+postfix+imap-courier,
and now I'm trying to run openbsd+opensmtpd+dovecot.
In the beginning it was a little traumante but it works OpenSMTPD correctly.
Now I have configured dovecot, and I hope that your backend
authorization is the
same database that was used imap-courier.
In /var/log/maillog receipt the following error
2015 Feb 12
0
Invalid password in passdb: Not a valid MD5-CRYPT or PLAIN-MD5 password
When using CRYPT to encrypt the password, you must put the following in
dovecot-sql.conf.ext
default_pass_scheme = CRYPT
I hope this can help more people, in addition to leave you as I did my
query:
password_query = \
SELECT password \
FROM users WHERE login = '%u
--
editor de sue?os
2006 Sep 23
1
PAM authentication problem: MD5 vs crypt
Here's a strange one. I have Dovecot set up on Solaris 9. The auth portion
of the config is straight out of the box. Using PAM. We have most users in
a dbm file which is just a series of key/value pairs: key is a username,
and value is a string equivalent to a shadow entry. nsswitch.conf entry:
passwd files dbm.
For historical reasons, some users have a classic 13-character Unix crypt
2010 Apr 16
2
"try MD5-CRYPT scheme instead"?
I'm getting a lot of entries like this in my log:
Apr 16 10:10:18 postamt dovecot: auth(default): shadow(doxxxris,141.42.206.38): CRYPT(wrongpassword) != '$1$qSe71xxx$09MoMqNyll.wPLCdSaFuA0', try MD5-CRYPT scheme instead
It seems that changing the password via SquirrelMail (poppasswd)
breaks the authentication scheme somewhat. Users cannot log in anymore.
--
Ralf Hildebrandt
2007 Feb 09
1
MD5-CRYPT passwords in a MySQL Database
First of all, hello to the list.
I'm currently migrating from a /etc/passwd and /etc/shadow based
configuration to a MySQL based one using dovecot 99.14 on debian sarge.
The problem is that the /etc/shadow containes both DES encoded (Crypt)
and md5 based passwords. I've set the default system to be Crypt, and
have added {MD5-CRYPT} in front of the md5 passwords in place of the $1$