[Dovecot] PLAIN-MD5 passwords?
Peter Clark
peter-clark at bethel.edu
Fri Dec 31 20:10:46 EET 2004
After I found out that {CRYPT} doesn't support passwords longer than 8
characters, I decided to switch over to MD5 for user passwords in my LDAP
database. However, while I have no problem with Postfix + SASL, Dovecot fails
to authenticate.
Relevant bits from /etc/dovecot-ldap.conf:
user_attrs = mailAddress,,,,,
# The search string is identical to what's found in /etc/saslauthd.conf:
user_filter = (&(|(uid=%u)(mailAddress=%u))(status=active))
pass_attrs = mailAddress,userPassword
pass_filter = (&(|(uid=%u)(mailAddress=%u))(status=active))
default_pass_scheme = PLAIN-MD5
When I try to connect using either KMail or SquirrelMail (which worked just
fine before I switched schemes), the following error appears
in /var/log/syslog:
ldap(user at mydomain.tld): password mismatch
But when I try 'testsaslauthd -u user at mydomain.tld -p longpassword' it
authenticates just fine.
I have the line 'password-hash {MD5}' in /etc/ldap/slapd.conf, and I
used 'slappasswd -h {MD5}' to create the MD5 versions of the passwords.
Dovecot is v. 0.99.11. If I can't figure out how to get it to work with MD5,
I guess I'll have to go back to CRYPT, but it would be nice to have longer
passwords...
:Peter
More information about the dovecot
mailing list