Trying to get master users working.
I'm not sure what info would be best, but here's the detail I have now, in trying to get it working. Setup the master user file, and enabled master users in the conf files. Created the master user file and user/password hash.
Turned on authentication debug. When I try something like: telnet localhost 143 and then supply the master user login - kind of like this: 1 login joeb*jb-master somepassword
I get this in the logs. (Some obfuscation done.)
dovecot: auth: Debug: auth client connected (pid=24985) dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB#011lip=::1#011rip=::1#011lport=143#011rport=34376#011resp=<hidden> dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Master user lookup for login: joeb dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): lookup: user=jb-master file=/etc/dovecot/masterusers-test dovecot: auth: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Password mismatch dovecot: auth: Debug: client passdb out: FAIL#0111#011user=jb-master
Yet I can use htpasswd -b -c -s /etc/dovecot/masterusers-test jb-master somepassword And this succeeds. (I created the masterusers-test file with httpasswd)
So, I must have the password right, but dovecot is till failing the auth, claiming a bad password.
How do I go about getting more detail so I can determine what's wrong?
TIA -Greg
Anyone?
Trying to get master users working.
I'm not sure what info would be best, but here's the detail I have now, in trying to get it working. Setup the master user file, and enabled master users in the conf files. Created the master user file and user/password hash.
Turned on authentication debug. When I try something like: telnet localhost 143 and then supply the master user login - kind of like this: 1 login joeb*jb-master somepassword
I get this in the logs. (Some obfuscation done.)
dovecot: auth: Debug: auth client connected (pid=24985) dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB#011lip=::1#011rip=::1#011lport=143#011rport=34376#011resp=<hidden> dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Master user lookup for login: joeb dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): lookup: user=jb-master file=/etc/dovecot/masterusers-test dovecot: auth: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Password mismatch dovecot: auth: Debug: client passdb out: FAIL#0111#011user=jb-master
Yet I can use htpasswd -b -c -s /etc/dovecot/masterusers-test jb-master somepassword And this succeeds. (I created the masterusers-test file with httpasswd)
So, I must have the password right, but dovecot is till failing the auth, claiming a bad password.
How do I go about getting more detail so I can determine what's wrong?
TIA -Greg
Did you try with doveadm pw -t 'hash-goes-here'
?
Sometimes you need to use
passdb { driver = passwd-file args = scheme=your-pw-scheme /path/to/file }
Note that the path must be placed last.
Aki
On 28/01/2021 20:53 Gregory Sloop <gregs@sloop.net> wrote:
Anyone?
Trying to get master users working.
I'm not sure what info would be best, but here's the detail I have now, in trying to get it working. Setup the master user file, and enabled master users in the conf files. Created the master user file and user/password hash.
Turned on authentication debug. When I try something like: telnet localhost 143 and then supply the master user login - kind of like this: 1 login joeb*jb-master somepassword
I get this in the logs. (Some obfuscation done.)
dovecot: auth: Debug: auth client connected (pid=24985) dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB#011lip=::1#011rip=::1#011lport=143#011rport=34376#011resp=<hidden> dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Master user lookup for login: joeb dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): lookup: user=jb-master file=/etc/dovecot/masterusers-test dovecot: auth: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Password mismatch dovecot: auth: Debug: client passdb out: FAIL#0111#011user=jb-master
Yet I can use htpasswd -b -c -s /etc/dovecot/masterusers-test jb-master somepassword And this succeeds. (I created the masterusers-test file with httpasswd)
So, I must have the password right, but dovecot is till failing the auth, claiming a bad password.
How do I go about getting more detail so I can determine what's wrong?
TIA -Greg
Top posting.
Following up on this...
I can't recall if I ever used the "doveadm pw -t 'hash-goes-here'" method or not.
But I did get it working. I was never able to get it to work using the htpasswd utility as suggested in the Wiki. And as noted, htpasswd was able to "verify" the hash in the file it generated - so I know the hash matches the password I intended.
Prior to Aki suggesting the doveadm method, I'd actually already done so. I used [IIRC] doveadm pw -s SHA512-CRYPT [I note the hash type, specifically, because I only know that this one hash works, so if there's any question later, from someone else struggling, try this specific one.]
After generating the hash, and including it in the file, and restarting/reloading dovecot I can now auth with a master user.
I'd recommend that someone either update the docs/wiki after verifying that htpasswd works and how, or remove it from the wiki and leave the doveadm version only.
-Greg
AT> Did you try with doveadm pw -t 'hash-goes-here'
?
AT> Sometimes you need to use
AT> passdb { AT> driver = passwd-file AT> args = scheme=your-pw-scheme /path/to/file AT> }
AT> Note that the path must be placed last.
AT> Aki
On 28/01/2021 20:53 Gregory Sloop <gregs@sloop.net> wrote:
Anyone?
Trying to get master users working.
I'm not sure what info would be best, but here's the detail I have now, in trying to get it working. Setup the master user file, and enabled master users in the conf files. Created the master user file and user/password hash.
Turned on authentication debug. When I try something like: telnet localhost 143 and then supply the master user login - kind of like this: 1 login joeb*jb-master somepassword
I get this in the logs. (Some obfuscation done.)
dovecot: auth: Debug: auth client connected (pid=24985) dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011session=MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB#011lip=::1#011rip=::1#011lport=143#011rport=34376#011resp=<hidden> dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Master user lookup for login: joeb dovecot: auth: Debug: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): lookup: user=jb-master file=/etc/dovecot/masterusers-test dovecot: auth: passwd-file(jb-master,::1,master,<MM6QC9a5SIYAAAAAAAAAAAAAAAAAAAAB>): Password mismatch dovecot: auth: Debug: client passdb out: FAIL#0111#011user=jb-master
Yet I can use htpasswd -b -c -s /etc/dovecot/masterusers-test jb-master somepassword And this succeeds. (I created the masterusers-test file with httpasswd)
So, I must have the password right, but dovecot is till failing the auth, claiming a bad password.
How do I go about getting more detail so I can determine what's wrong?
TIA -Greg
On 2/1/21 12:46 PM, Gregory Sloop wrote:
I was never able to get it to work using the htpasswd utility as suggested in the Wiki.
I'd guess that's due to this from "man htpasswd" on my system:
htpasswd encrypts passwords using either bcrypt, a version of MD5 modified for Apache, SHA1, or the system's crypt() routine [... MD5] is the default (since version 2.2.18).
So it's emitting something weird that's now specific to Apache only. You can pass htpasswd flags to emit SHA passwords and so on, but "doveadm pw" probably makes more sense.
-- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/
participants (3)
-
Aki Tuomi
-
Gregory Sloop
-
Robert L Mathews