Hi,
I am using dovecot 1.0 with squirrelmail. But when i use $imap_auth_mech = 'digest-md5' instead of plain, dovecot throws this line:
dovecot: Apr 23 09:16:07 Info: imap-login: Aborted login: user=<azher>, method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, secured
and user can't login. Plz suggest.
Regards -Azher
Settings:
disable_plaintext_auth = yes
auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi mechanisms = plain login cram-md5 digest-md5
Mysql Tables: Passwords are stored with the help of MD5 function
dovecot-sql.conf :
user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
On 113, 04 23, 2007 at 09:33:26AM +0500, Azher Amin wrote:
Hi,
I am using dovecot 1.0 with squirrelmail. But when i use $imap_auth_mech = 'digest-md5' instead of plain, dovecot throws this line:
dovecot: Apr 23 09:16:07 Info: imap-login: Aborted login: user=<azher>, method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, secured
and user can't login. Plz suggest.
Not enough data. Please enable auth_verbose and auth_debug in your dovecot.conf and let us see results.
Settings:
disable_plaintext_auth = yes
auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi mechanisms = plain login cram-md5 digest-md5
Mysql Tables: Passwords are stored with the help of MD5 function
This sounds too fuzzy... How exactly your passwords look like ?
dovecot-sql.conf :
user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
-- Andrey Panin | Linux and UNIX system administrator pazke@donpac.ru | PGP key: wwwkeys.pgp.net
Hi,
Following is the output with details:
dovecot: Apr 23 11:45:14 Info: auth(default): client in: AUTH 1
DIGEST-MD5 service=IMAP secured lip=127.0.0.1 rip=127.0.0.1
dovecot: Apr 23 11:45:14 Info: auth(default): client out: CONT 1
cmVhbG09IiIsbm9uY2U9Imkrelp5QStkSTBKd1B1ZnZPMktRYmc9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI=
dovecot: Apr 23 11:45:14 Info: auth(default): client in: CONT<hidden>
dovecot: Apr 23 11:45:14 Info: auth-worker(default):
sql(azher,127.0.0.1): query: SELECT userid as user, password, home as
userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE
userid = 'azher'
dovecot: Apr 23 11:45:14 Info: auth-worker(default):
password(azher,127.0.0.1): Requested DIGEST-MD5 scheme, but we have only
PLAIN-MD5
dovecot: Apr 23 11:45:16 Info: auth(default): client out: FAIL 1
user=azher
dovecot: Apr 23 11:45:16 Info: imap-login: Aborted login: user=<azher>,
method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, secured
Andrey Panin wrote:
On 113, 04 23, 2007 at 09:33:26AM +0500, Azher Amin wrote:
Hi,
I am using dovecot 1.0 with squirrelmail. But when i use $imap_auth_mech = 'digest-md5' instead of plain, dovecot throws this line:
dovecot: Apr 23 09:16:07 Info: imap-login: Aborted login: user=<azher>, method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, secured
and user can't login. Plz suggest.
Not enough data. Please enable auth_verbose and auth_debug in your dovecot.conf and let us see results.
Settings:
disable_plaintext_auth = yes
auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi mechanisms = plain login cram-md5 digest-md5
Mysql Tables: Passwords are stored with the help of MD5 function
This sounds too fuzzy... How exactly your passwords look like ?
dovecot-sql.conf :
user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
On 113, 04 23, 2007 at 11:50:53AM +0500, Azher Amin wrote:
Hi,
Following is the output with details:
dovecot: Apr 23 11:45:14 Info: auth(default): client in: AUTH 1
DIGEST-MD5 service=IMAP secured lip=127.0.0.1 rip=127.0.0.1 dovecot: Apr 23 11:45:14 Info: auth(default): client out: CONT 1
cmVhbG09IiIsbm9uY2U9Imkrelp5QStkSTBKd1B1ZnZPMktRYmc9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI= dovecot: Apr 23 11:45:14 Info: auth(default): client in: CONT<hidden> dovecot: Apr 23 11:45:14 Info: auth-worker(default): sql(azher,127.0.0.1): query: SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = 'azher' dovecot: Apr 23 11:45:14 Info: auth-worker(default): password(azher,127.0.0.1): Requested DIGEST-MD5 scheme, but we have only PLAIN-MD5
Only DIGEST-MD5 or PLAIN password scheme could be used with DIGEST-MD5 authentication mechanism.
dovecot: Apr 23 11:45:16 Info: auth(default): client out: FAIL 1
user=azher dovecot: Apr 23 11:45:16 Info: imap-login: Aborted login: user=<azher>, method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, securedAndrey Panin wrote:
On 113, 04 23, 2007 at 09:33:26AM +0500, Azher Amin wrote:
Hi,
I am using dovecot 1.0 with squirrelmail. But when i use $imap_auth_mech = 'digest-md5' instead of plain, dovecot throws this line:
dovecot: Apr 23 09:16:07 Info: imap-login: Aborted login: user=<azher>, method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, secured
and user can't login. Plz suggest.
Not enough data. Please enable auth_verbose and auth_debug in your dovecot.conf and let us see results.
Settings:
disable_plaintext_auth = yes
auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi mechanisms = plain login cram-md5 digest-md5
Mysql Tables: Passwords are stored with the help of MD5 function
This sounds too fuzzy... How exactly your passwords look like ?
dovecot-sql.conf :
user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
-- Andrey Panin | Linux and UNIX system administrator pazke@donpac.ru | PGP key: wwwkeys.pgp.net
Hi,
Thnx for reply. But still confused. Dovecot says: 'Requested DIGEST-MD5 scheme, but we have only PLAIN-MD5'
However in my configs, i have enabled the digest-md5 already: mechanisms = plain login cram-md5 digest-md5
So why it says that we have only PLAIN-MD5 ???
Plz seuggest ...
Regards -Azher
Andrey Panin wrote:
On 113, 04 23, 2007 at 11:50:53AM +0500, Azher Amin wrote:
Hi,
Following is the output with details:
dovecot: Apr 23 11:45:14 Info: auth(default): client in: AUTH 1
DIGEST-MD5 service=IMAP secured lip=127.0.0.1 rip=127.0.0.1 dovecot: Apr 23 11:45:14 Info: auth(default): client out: CONT 1
cmVhbG09IiIsbm9uY2U9Imkrelp5QStkSTBKd1B1ZnZPMktRYmc9PSIscW9wPSJhdXRoIixjaGFyc2V0PSJ1dGYtOCIsYWxnb3JpdGhtPSJtZDUtc2VzcyI= dovecot: Apr 23 11:45:14 Info: auth(default): client in: CONT<hidden> dovecot: Apr 23 11:45:14 Info: auth-worker(default): sql(azher,127.0.0.1): query: SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = 'azher' dovecot: Apr 23 11:45:14 Info: auth-worker(default): password(azher,127.0.0.1): Requested DIGEST-MD5 scheme, but we have only PLAIN-MD5Only DIGEST-MD5 or PLAIN password scheme could be used with DIGEST-MD5 authentication mechanism.
dovecot: Apr 23 11:45:16 Info: auth(default): client out: FAIL 1
user=azher dovecot: Apr 23 11:45:16 Info: imap-login: Aborted login: user=<azher>, method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, securedAndrey Panin wrote:
On 113, 04 23, 2007 at 09:33:26AM +0500, Azher Amin wrote:
Hi,
I am using dovecot 1.0 with squirrelmail. But when i use $imap_auth_mech = 'digest-md5' instead of plain, dovecot throws this line:
dovecot: Apr 23 09:16:07 Info: imap-login: Aborted login: user=<azher>, method=DIGEST-MD5, rip=127.0.0.1, lip=127.0.0.1, secured
and user can't login. Plz suggest.
Not enough data. Please enable auth_verbose and auth_debug in your dovecot.conf and let us see results.
Settings:
disable_plaintext_auth = yes
auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi mechanisms = plain login cram-md5 digest-md5
Mysql Tables: Passwords are stored with the help of MD5 function
This sounds too fuzzy... How exactly your passwords look like ?
dovecot-sql.conf :
user_query = SELECT home, uid, gid FROM users WHERE userid = '%u' password_query = SELECT userid as user, password, home as userdb_home, uid as userdb_uid, gid as userdb_gid FROM users WHERE userid = '%u'
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Hi,
Azher Amin wrote:
Hi,
Thnx for reply. But still confused. Dovecot says: 'Requested DIGEST-MD5 scheme, but we have only PLAIN-MD5'
However in my configs, i have enabled the digest-md5 already: mechanisms = plain login cram-md5 digest-md5
So why it says that we have only PLAIN-MD5 ??? Plz seuggest ... In your database you store the MD5 sum of your passwords. This only allows you to use plain and login authentication, because digest-md5 and cram-md5 can't work for technical reasons, when the passwords are already stored as MD5 sums. Please read here:
"With non-plaintext authentication mechanisms http://wiki.dovecot.org/Authentication/Mechanisms you either have to store the password in a mechanism-specific format (which is incompatible with all other auth mechanisms except plaintext ones), or you'll have to store the passwords as plaintext. For example if you're going to use CRAM-MD5 authentication, the password needs to be in plaintext format or in CRAM-MD5 format. If you want to allow both CRAM-MD5 and *DIGEST*-MD5, the password must be stored in plaintext." http://wiki.dovecot.org/Authentication/PasswordSchemes
Regards, Philipp
Here is the part of the output of dovecot -n:
auth default: mechanisms: plain login cram-md5 digest-md5 verbose: yes debug: yes passdb: driver: pam passdb: driver: sql args: /etc/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot-sql.conf userdb: driver: prefetch socket: type: listen client: master: path: /var/run/dovecot/auth-master mode: 384
Charles Marcus wrote:
On 4/23/2007 Azher Amin (azher@niit.edu.pk) wrote:
However in my configs, i have enabled the digest-md5 already: mechanisms = plain login cram-md5 digest-md5
You have yet to prove this by posting oputput of 'dovecot -n'...
-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Azher Amin wrote:
Here is the part of the output of dovecot -n:
<sigh>
Please do NOT trim this output - it is proof of the precise parameteres that the active running dovecot process is using.
auth default: mechanisms: plain login cram-md5 digest-md5 verbose: yes debug: yes passdb: driver: pam passdb: driver: sql args: /etc/dovecot-sql.conf userdb: driver: sql args: /etc/dovecot-sql.conf userdb: driver: prefetch socket: type: listen client: master: path: /var/run/dovecot/auth-master mode: 384
Charles Marcus wrote:
On 4/23/2007 Azher Amin (azher@niit.edu.pk) wrote:
However in my configs, i have enabled the digest-md5 already: mechanisms = plain login cram-md5 digest-md5
You have yet to prove this by posting oputput of 'dovecot -n'...
--
Best regards,
Charles Marcus I.T. Director Media Brokers International 678.514.6200 x224 678.514.6299 fax
participants (4)
-
Andrey Panin
-
Azher Amin
-
Charles Marcus
-
Philipp Wollermann