[Dovecot] SHA512-CRYPT scheme fails password verification
Darren Pilgrim
list_dovecot at bluerosetech.com
Wed Dec 25 09:07:55 EET 2013
On 12/24/2013 7:16 PM, Jouko Nikula wrote:
> Hello,
>
> If I try to use the crypt schemes provided by libc. I fail as follows:
>
> jnikula at jlaptop:~/$ doveadm pw -s SHA512-CRYPT -p 123456
> {SHA512-CRYPT}$6$to2umWLDtqvzS8SV$ZGpBeGNKuUN/2HKG6I2BEAt.Gzrz/y.SZDkos2GT2ik8obnp3XCFWfVsKVriJa6jjHULmLIqCSSyaF5YrTH7u.
> jnikula at jlaptop:~/$ doveadm pw -t
> {SHA512-CRYPT}$6$to2umWLDtqvzS8SV$ZGpBeGNKuUN/2HKG6I2BEAt.Gzrz/y.SZDkos2GT2ik8obnp3XCFWfVsKVriJa6jjHULmLIqCSSyaF5YrTH7u.
> -p 123456
> doveadm(jnikula): Fatal: reverse password verification check failed:
> Password mismatch
>
> Using SHA512 sum scheme (-s SHA512) works ok in the same manner.
>
> I have dovecot version 2.2.9 on Linux 3.11.0-14-generic x86_64 Ubuntu
> 13.10 and I get the same results on 32-bit Debian as well. Does anyone
> have idea what's wrong?
You're being bitten by shell interpretation/expansion. You need to make
the hash an uninterpretted literal (in bourne-type shells, wrap it in
single quotes):
# doveadm pw -s SHA512-CRYPT -p 123456
{SHA512-CRYPT}$6$ZmAHfx//YBcuQdpt$/vUoc3G7y/v9JMSfrz0zhdBTs2U5ZmyLZbB6BEpV3BBi8f9N70kNf6xZWAnhE.hQn46pQhpIwnziIdNfjlAKu1
# doveadm pw -t
{SHA512-CRYPT}$6$ZmAHfx//YBcuQdpt$/vUoc3G7y/v9JMSfrz0zhdBTs2U5ZmyLZbB6BEpV3BBi8f9N70kNf6xZWAnhE.hQn46pQhpIwnziIdNfjlAKu1
-p 123456
doveadm(root): Fatal: reverse password verification check failed:
Password mismatch
# doveadm pw -t
'{SHA512-CRYPT}$6$ZmAHfx//YBcuQdpt$/vUoc3G7y/v9JMSfrz0zhdBTs2U5ZmyLZbB6BEpV3BBi8f9N70kNf6xZWAnhE.hQn46pQhpIwnziIdNfjlAKu1'
-p 123456
{SHA512-CRYPT}$6$ZmAHfx//YBcuQdpt$/vUoc3G7y/v9JMSfrz0zhdBTs2U5ZmyLZbB6BEpV3BBi8f9N70kNf6xZWAnhE.hQn46pQhpIwnziIdNfjlAKu1
(verified)
More information about the dovecot
mailing list