doveadm pw generates different hash each time it is invoked

Joseph Tam jtam.home at gmail.com
Mon Dec 29 10:02:44 UTC 2014


reik red writes:

> (I'm re-submitting after setting up a subscription, so I don't have to wait for the moderator)
>
> What happened next surprised me greatly: if I specify "-s ssha", the
> resulting hashed password changes each time I invoke "doveadm pw", but
> if I do not specify the hashing method, I get the same password each time (as I
> expect). What on earth is going on here? There must be something
> fundamental that I am missing.

"doveadm pw" is working correctly.  CRAM-MD5 and SSHA use hashing in 2
different ways to authenticate a user.

CRAM-MD5 is a challenge-response system where the server sends the
client a random string each and every session.  The client hashes the
password and the random string and sends it to the server as proof
of authenticity.  The server performs the same calculation to verify.
However, the server needs to know the password (or password equivalent)
in order to duplicate the hash calculation.

SSHA precomputes the random strings (salt) and hashes the password with
it, and stores both salt and hash in the password database.  During
authentication, the password is (or ought to be) transmitted plain within
a SSL connection from the client to the server, then the server hashes the
password with the stored salt and compares with the hash in the database.
Every time you run "doveadm pw -s ssha" a new random salt is generated,
hence a new hash is produced even though you use the same password.

You would use challenge-response in situations where the communication
channel is insecure (i.e. non-SSL).  However, the drawback is the password
database contains enough information for someone to authenticate if it
should fall into the wrong hands.

Joseph Tam <jtam.home at gmail.com>
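The two mechanisms Joseph describes, as an added illustration that is not part of the original post or of Dovecot's code: a Dovecot-style {SSHA} string (base64 of SHA-1 digest followed by the salt; the 4-byte salt length is an assumption for the demo) produces a different string on every call yet verifies against the same password, while the CRAM-MD5 client response is a keyed HMAC-MD5 over the server's per-session challenge that the server can only recompute if it holds the password or an equivalent.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Assumed {SSHA} layout: base64( SHA1(password + salt) + salt ). The salt is
# appended so verification can recover it. 4-byte salt is an assumption.
SALT_LEN = 4
SHA1_LEN = 20

def ssha_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Return a '{SSHA}...' string; a fresh random salt each call unless given."""
    if salt is None:
        salt = os.urandom(SALT_LEN)   # this is why each doveadm pw run differs
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def ssha_verify(password: str, stored: str) -> bool:
    """Recompute the hash with the salt carried inside `stored` and compare."""
    if not stored.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    expected = hashlib.sha1(password.encode() + salt).digest()
    return hmac.compare_digest(digest, expected)

def cram_md5_response(username: str, password: str, challenge: bytes) -> str:
    """Client side of CRAM-MD5 (RFC 2195): HMAC-MD5 over the server's challenge,
    keyed with the plaintext password. The server must hold the password (or
    the HMAC key state) to recompute this, which is the drawback of a stolen
    password database for challenge-response schemes."""
    mac = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return f"{username} {mac}"

if __name__ == "__main__":
    a = ssha_hash("secret")
    b = ssha_hash("secret")
    print(a, b, a != b)                                   # same password, two strings
    print(ssha_verify("secret", a), ssha_verify("secret", b))
    # Constructed challenge; a real server sends a fresh one every session.
    chal = b"<1896.697170952@postoffice.example>"
    print(cram_md5_response("alice", "secret", chal))
```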

