On 12 February 2019 at 19:24 Leonardo Rodrigues via dovecot dovecot@dovecot.org wrote:
Here i have SSHA256 working with:
default_pass_scheme = PLAIN
and my database scheme just received the hashed password prefixed by the SSHA indicator, just like:
mysql> select * from emails where endereco = 'solutti@XXXXXXXXX'\G *************************** 1. row *************************** endereco: solutti@XXXXXXXXXXXXXX password: {SSHA256.HEX}d90bac4xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx quota: 51200
Em 12/02/2019 14:05, Robert Moskowitz via dovecot escreveu:
I have trying to find how to set the dovecot-sql.conf for using SHA256/512. I am going to start clean with the stronger format, not migrate from the old MD5. It seems all I need is: driver = mysql connect = host=/var/lib/mysql/mysql.sock dbname=postfix user=postfix password=$Postfix_Database_Password default_pass_scheme = SHAxxx-CRYPT # following should all be on one line. password_query = SELECT username as user, password, concat('/home/vmail/', maildir) as userdb_home, concat('maildir:/home/vmail/', maildir) as userdb_mail, 101 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1' # following should all be on one line user_query = SELECT concat('/home/vmail/', maildir) as home, concat('maildir:/home/vmail/', maildir) as mail, 101 AS uid, 12 AS gid, CONCAT('*:messages=30000:bytes=', quota) as quota_rule FROM mailbox WHERE username = '%u' AND active = '1' where xxx is either 256 or 512. All the rest I have been finding in my searches concern converting the format and are not needed for a clean start?
thanks
--
Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email gertrudes@solutti.com.br My SPAMTRAP, do not email it
You can use {CRYPT} prefix in the password field, this will cover both SHA256 and SHA512, unless you want to be explicit about which one it is.
The .HEX thing is not usually needed.
Aki