[Dovecot] sha-512 ... shadow blended with database
Timo Sirainen
tss at iki.fi
Sun Jan 31 04:55:05 EET 2010
On 30.1.2010, at 22.39, WJCarpenter wrote:
> I have two populations of dovecot users. Some users have Unix accounts (with logins disabled), and so their password hashes are stored in /etc/shadow. These days, the default configuration for that is salted SHA-512. It's easy for me to change that scheme to something else if I want to, but the important fact is that I already have some users with passwords in salted SHA-512. The other population of users is purely virtual, and their password hashes are stored in a MySQL database in SHA-1 format (unsalted, but moving to salted wouldn't be a big deal). The database also has a column identifying the hash scheme, so SHA-1 isn't some assumption.
By salted SHA-512 do you mean the $6$salt$sha format that glibc uses? If so, you can use CRYPT scheme, which causes Dovecot to use crypt() function. Then assuming you're using new enough glibc, it understands it.
More information about the dovecot
mailing list