[Dovecot] Using pgsql with 'cram-md5 auth' and 'hmac-md5 scheme'

Jonathan Ballet multani at free.fr
Tue Sep 12 17:54:23 EEST 2006


John Peacock wrote: :
> Jonathan Ballet wrote:
>> In fact, it works if I use PLAIN password scheme in my database.
>> However, I would like to store them encrypted.
>> But, if I replace the password field for my user with {HMAC-MD5}-...
>> (the password generated by dovecotpw), it doesn't work.
> 
> It is not possible to use the CRAM-MD5 authentication method, unless the
> server has the password in plaintext.  Here's why[1]:
> 
> 1) The server generates a *one-time* challenge string and sends it to
> the client;
> 
> 2) The client responds with the username followed by a digest, which is
> a HMAC-MD5 hash of the challenge string and the user's password;
> 
> 3) The server then performs the same HMAC-MD5 hashing of the challenge
> string it just sent and the plaintext users password in the database;
> 
> 4) If and only if the two HMAC-MD5 hashes are equivalent, does the
> authentication succeed.
> 
> The problem is you have already hashed the password in the database, but
> the server does not know what the challenge string that was used (and
> unlike crypt, the challenge is not stored as part of the hash).  There
> is no way to do what you want using CRAM-MD5 (it's one of the serious
> design flaws of that method).
> 
> HTH
> 
> John
> 
> 1. http://en.wikipedia.org/wiki/CRAM-MD5
> 

I think I understand this, but :

 - How can it works with nearly the same configuration, using passwd-like files
instead of pgsql database ?
Auth mechanism is set to 'cram-md5', and passwords in the passdb file are
HMAC-MD5 encrypted passwords (or, if I am wrong somewhere, they are generated by
'dovecotpw -s HMAC-MD5' and start with {HMAC-MD5})
In fact, this is the configuration I want to migrate from :)
I'll put the file configuration at the end of the mail [2].


 - How dovecotpw generates the HMAC-MD5 encrypted password, if the challenge
string used to hash the password is supposed not to be the same each time ?
I mean, how could the password be used in HMAC-MD5 format, if dovecot doesn't
know the secret key used to hash it ?


 - Dovecot documentation [1] says that HMAC-MD5 password scheme is used with
CRAM-MD5 authentication mechanism. As far as I understand you, it means it is
used, not to store/retrieve the password from the password database (whatever it
is), but only to 'encrypt' the communication between the client and the server.
It's not very clear ...



Is there any documentation referencing which password scheme could be used with
an authentification mechanism ? I thought it was in [1], but I might be wrong.

So, what are my options, to have encrypted authentication, and encrypted password ?


Thanks for your answer,

  -- Jonathan




[1] : http://wiki.dovecot.org/Authentication/PasswordSchemes
[2] : Current working configuration :
==============================================
# grep -v "^[ ]*#" dovecot.conf | grep -v "^$"
protocols = imap
disable_plaintext_auth = yes
log_path = /var/log/mail/dovecot.log
log_timestamp = "%Y-%m-%d %H:%M:%S "
default_mail_env = maildir:/var/mail/%u
mail_extra_groups = vmail
first_valid_uid = 5000
last_valid_uid = 5000
protocol imap {
}

protocol lda {
  postmaster_address = postmaster at example.com
}
auth default {
  mechanisms = cram-md5
  passdb passwd-file {
    args = /etc/dovecot/userdb.deny
    deny = yes
  }
  passdb passwd-file {
    args = /etc/dovecot/userdb
  }
  userdb passwd-file {
    args = /etc/dovecot/userdb
  }
  user = root
}
dict {
}
plugin {
}

# cat userdb
jon:{HMAC-MD5}xxxxxxxxxxxxxxxxx:5000:5000::/var/mail/jon:/bin/false::/var/mail/jon
================================================


More information about the dovecot mailing list