Blowfish hashed passwords

KT Walrus kevin at my.walr.us
Tue Jun 7 01:03:03 UTC 2016


I don’t understand your reply. I am running Ubuntu 14.04 in Docker image now, but there is no support for BLF-CRYPT in 14.04.

As for openbsd, Docker images can be based on any Linux distro that is available in the Docker Hub. OpenBSD is not a Linux distro and I would have to run it inside a VM which isn’t acceptable.

See https://hub.docker.com/explore/ <https://hub.docker.com/explore/> for a list of Official Repos that are suitable to use as base images for building Dovecot such as ubuntu, debian, centos, alpine, oraclelinux, opensuse, etc.

I suspect that most glibc crypt() implementations don’t support BLF-CRYPT and that is one reason that PHP includes fallback BLF-CRYPT function so PHP users can generate Blowfish password hashes without worrying whether PHP is running on Linux or not.

Kevin

> On Jun 6, 2016, at 7:17 PM, Peter Chiochetti <pch at myzel.net> wrote:
> 
> Am 2016-06-06 um 15:36 schrieb KT Walrus:
>> 
>> Since I’m using Docker, the easiest solution for me is to find a linux distro that can run Dovecot well and supports BLF-CRYPT as well.
>> 
>> What Linux distros support BLF-CRYPT and are well tested and secure?
>> 
> 
> As you are running Ubuntu 14.04 now - I suppose most all Linux distros are as well tested as this.
> 
> For both tested and secure, you may choose openbsd? Dont know if Docker does this though -- nevertheless, I guess docker probably rules out anything secure...
> 
> -- 
> peter



More information about the dovecot mailing list