Password mismatch after upgrade to Ubuntu Focal
Jeffrey van Doesburg
jeffrey at bit.nl
Tue Jun 16 16:36:54 EEST 2020
On Tue, 2020-06-16 at 08:47 -0400, John Stoffel wrote:
>
> Jeffrey> Thanks for your reply! We already found the issue, we're
> using a
> Jeffrey> special character in our salt which isn't allowed
> (anymore?). After
> Jeffrey> changing the salt, LDAP authentication is working again on
> Ubuntu
> Jeffrey> Focal.
>
> Great news, can you post more details so that other's don't run into
> the same problem? Knowing the salt value isn't a bad thing....
>
Ofcourse! We generated a unique salt for each password with the
characters: "A-Za-z0-9./~=[];':!-()". This worked fine for years, until
the upgrade to Ubuntu Focal.
After (long) debugging, we found out that only the following characters
are accepted for generating a valid salt: "./0-9A-Za-z"
So if you generate a salt for SHA, only use these characters:
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz".
More information about the dovecot
mailing list