On 2/12/19 5:05 PM, Robert Moskowitz via dovecot wrote:
I have trying to find how to set the dovecot-sql.conf for using SHA256/512. I am going to start clean with the stronger format, not migrate from the old MD5. It seems all I need is:
[...] default_pass_scheme = SHAxxx-CRYPT [...]How do your users change their password ?
Thanks much better info than I was seeing in my googling. Except I would not use %p:Here's how I configured my roundcube's password plugin to keep things together ($roundcubefolder/plugins/password/config.php)
$config['password_algorithm'] = 'dovecot';$config['password_algorithm_prefix'] = '{SHA512-CRYPT}';$config['password_dovecotpw_method'] = 'SHA512-CRYPT';$config['password_query'] = "UPDATE mail.users SET password=%P WHERE email=%u LIMIT 1";I left other fields alone.
Yassine.
// The SQL query used to change the password. // The query can contain the following macros that will be expanded as follows: // %p is replaced with the plaintext new password // %c is replaced with the crypt version of the new password, MD5 if available // otherwise DES. // %D is replaced with the dovecotpw-crypted version of the new password // %o is replaced with the password before the change // %n is replaced with the hashed version of the new password // %q is replaced with the hashed password before the change // %h is replaced with the imap host (from the session info) // %u is replaced with the username (from the session info) // %l is replaced with the local part of the username // (in case the username is an email address) // %d is replaced with the domain part of the username // (in case the username is an email address)
$rcmail_config['password_query'] = "UPDATE mailbox SET password = %D, modified = NOW() WHERE username = %u";