[Dovecot] Confused about "Authentication Mechanism" and "Password Schemes"
Miha Vrhovnik
miha.vrhovnik at cordia.si
Thu Jan 10 14:00:56 EET 2013
On 10.01.2013 12:44, Thomas Pries wrote:
> Hi,
>
> I am currently
setting up a Mailserver and decided to use Dovecot as
>
IMAP/POP3-Server. I read the wiki an thought about how to transmit and
> store the passwords (I want to use a MySQL-database).
>
> I want to
use encrypted transmission and encrypted storage. The wiki says:
>
>
"If you want to use only one non-plaintext mechanism, you can store the
> passwords using the mechanism's own password scheme. "
>
> Ok, one
secure mechanism is acceptable in my scenario and the wiki gives
> a
list of supported authentication mechanisms and a list of supported
>
password schemes.
>
> But I am missing the relation between the two
lists, which mechanism
> expects which storage scheme?
>
> Did I
overlooked any easy answer (other then "read the RFCs").
>
> Best
Regards
> Thomas
Hi Thomas,
its quite simple. If you store the
passwords in database in plain text then your server can use any
authentication algorithm available. however if you store
encrypted/hashed passwords, then the only two available authentication
algorithms is: plain as the dovecot needs to properly encode the
password
Regards,
M
More information about the dovecot
mailing list