Hi,
I am currently installing doveot as POP and IMAP server, but I a have a few difficulties configuring it correctly.
I use postgresql to store the user information. The passwords are stored SHA1 encrypted. Now I have the problem that dovecot isn't accepting the user. In dovecot-pgsql.conf I defined default_pass_scheme = SHA1 I am not quite sure about whether this is corrents, since it is not mentioned in the documentation, but it is mentioned in the wiki (under the name SHA) and it doesn't produce an error (as specifying SHA does). So I assume this is correct.
But when I log in with a user I always geht the following log output:
dovecot-auth: Dec 08 22:18:20 Info: PGSQL: Performing query: SELECT passwd FROM mailbox WHERE localpart = érwin' AND domainname ='poiu.de' dovecot-auth: Dec 08 22:18:20 Info: pgsql(erwin@poiu.de): Password mismatch imap-login: Dec 08 22:18:20 Info: Aborted login [82.82.66.4] dovecot-auth: Dec 08 22:18:20 Info: Login process 9 disconnected dovecot-auth: Dec 08 22:18:20 Info: Login process 9 connected dovecot-auth: Dec 08 22:18:20 Info: Login process 9 sent handshake: PID 22222
Is there a way to get a more excessive debugging? I already set auth_verbose and auth_debug to yes.
Or does anyone have an idea what the problem can be here?
Regards Marco
-- It's better to be wanted for murder that not to be wanted at all.
Marco Herrn _ ___ o ' (_)< _ _
_>(__'> o 0 (_X %
>(_> O o _; _;'7^'_ \;\ % (GnuPG/PGP-encrypted mail preferred) _;\ _.\ _.';;) ;,;_/; Key ID: 0x94620736 _ _'./_\('))_; );/\)}/fsc
Hi Marco,
The SQL query needs an apostrophe at the beginning of the localpart as well, this may be the problem.
Regards Andrew
On Wed, 2004-12-08 at 22:20 +0100, Marco Herrn wrote:
Hi,
I am currently installing doveot as POP and IMAP server, but I a have a few difficulties configuring it correctly.
I use postgresql to store the user information. The passwords are stored SHA1 encrypted. Now I have the problem that dovecot isn't accepting the user. In dovecot-pgsql.conf I defined default_pass_scheme = SHA1 I am not quite sure about whether this is corrents, since it is not mentioned in the documentation, but it is mentioned in the wiki (under the name SHA) and it doesn't produce an error (as specifying SHA does). So I assume this is correct.
But when I log in with a user I always geht the following log output:
dovecot-auth: Dec 08 22:18:20 Info: PGSQL: Performing query: SELECT passwd FROM mailbox WHERE localpart = érwin' AND domainname ='poiu.de' dovecot-auth: Dec 08 22:18:20 Info: pgsql(erwin@poiu.de): Password mismatch imap-login: Dec 08 22:18:20 Info: Aborted login [82.82.66.4] dovecot-auth: Dec 08 22:18:20 Info: Login process 9 disconnected dovecot-auth: Dec 08 22:18:20 Info: Login process 9 connected dovecot-auth: Dec 08 22:18:20 Info: Login process 9 sent handshake: PID 22222
Is there a way to get a more excessive debugging? I already set auth_verbose and auth_debug to yes.
Or does anyone have an idea what the problem can be here?
Regards Marco
-- Andrew Hutchings Systems Operator / Developer / Linux Guru Netserve Consultants Ltd. http://www.domaincity.co.uk/
Hi Andrew,
The SQL query needs an apostrophe at the beginning of the localpart as well, this may be the problem.
No, that is not the problem. That happened when pasting the output in vim. In the original output it is 'erwin' instead of érwin'. :-)
Regards Marco
Who will take care of the world after you're gone?
Marco Herrn _ ___ o ' (_)< _ _
_>(__'> o 0 (_X %
>(_> O o _; _;'7^'_ \;\ % (GnuPG/PGP-encrypted mail preferred) _;\ _.\ _.';;) ;,;_/; Key ID: 0x94620736 _ _'./_\('))_; );/\)}/fsc
On 8.12.2004, at 23:20, Marco Herrn wrote:
I use postgresql to store the user information. The passwords are stored SHA1 encrypted. Now I have the problem that dovecot isn't accepting the user. In dovecot-pgsql.conf I defined
In what exact SHA1 format? Salted or non-salted? Encoded to hex or base64? Dovecot's SHA1 is non-salted and base64 encoded. 1.0-test supports also salted ones.
On Thu, Dec 09, 2004 at 12:03:04AM +0200, Timo Sirainen wrote:
On 8.12.2004, at 23:20, Marco Herrn wrote:
I use postgresql to store the user information. The passwords are stored SHA1 encrypted. Now I have the problem that dovecot isn't accepting the user. In dovecot-pgsql.conf I defined
In what exact SHA1 format? Salted or non-salted? Encoded to hex or base64? Dovecot's SHA1 is non-salted and base64 encoded. 1.0-test supports also salted ones.
It is hex and non-salted. In fact the passwords are made by the python library and the following code:
import sha sha.new('password').hexdigest()
So the problem seems to be that dovecot is assuming base64 while mine are in hex. Is there a way to force dovecot to using hex encoded passwords?
Regards Marco
-- that you're not paranoid doesn't mean they aren't right behind you
Marco Herrn _ ___ o ' (_)< _ _
_>(__'> o 0 (_X %
>(_> O o _; _;'7^'_ \;\ % (GnuPG/PGP-encrypted mail preferred) _;\ _.\ _.';;) ;,;_/; Key ID: 0x94620736 _ _'./_\('))_; );/\)}/fsc
On 9.12.2004, at 01:12, Marco Herrn wrote:
So the problem seems to be that dovecot is assuming base64 while mine are in hex. Is there a way to force dovecot to using hex encoded passwords?
Not without changing source code.
But this problem is getting annoying. I think I'm going to change it so that you can append :hex or :base64 to any scheme with the default being the same as it was before.
On Thu, Dec 09, 2004 at 01:27:53AM +0200, Timo Sirainen wrote:
On 9.12.2004, at 01:12, Marco Herrn wrote:
So the problem seems to be that dovecot is assuming base64 while mine are in hex. Is there a way to force dovecot to using hex encoded passwords?
Not without changing source code.
Well, I don't know C++, so I won't even try that. :-)
But this problem is getting annoying. I think I'm going to change it so that you can append :hex or :base64 to any scheme with the default being the same as it was before.
Do you have any plan, when this feature will be available then? I now have the problem that I am using exim as MTA that expects SHA1 hash hex encoded and so it wouldn't help in my case to change the password scheme. And I do not really want to include both types of passwords in my database....
Regards Marco
-- It's better to keep your mouth shut and appear stupid than to open it and remove all doubt.
Marco Herrn _ ___ o ' (_)< _ _
_>(__'> o 0 (_X %
>(_> O o _; _;'7^'_ \;\ % (GnuPG/PGP-encrypted mail preferred) _;\ _.\ _.';;) ;,;_/; Key ID: 0x94620736 _ _'./_\('))_; );/\)}/fsc
On 9.12.2004, at 22:58, Marco Herrn wrote:
But this problem is getting annoying. I think I'm going to change it so that you can append :hex or :base64 to any scheme with the default being the same as it was before.
Do you have any plan, when this feature will be available then?
I started writing it yesterday but got tired then. Maybe for next 1.0-test..
participants (3)
-
Andrew Hutchings
-
Marco Herrn
-
Timo Sirainen