Strange Error: Password data is not valid for scheme SHA256. Please help me resolve it.

david.madman2 at vfemail.net david.madman2 at vfemail.net
Mon Jul 24 01:02:47 EEST 2017 

Quoting Alexander Dalloz <ad+lists at uni-x.org>:

> Am 23.07.2017 um 17:50 schrieb david.madman2 at vfemail.net:
>> My /var/log/mail.log shows:
>>
>> Jul 22 18:40:48 www dovecot: auth: Error:  
>> passwd-file(test at domain.com,46.xxx.xxx.xxx,<wZoHUuxU6IAu9j4y>):  
>> Password data is not valid for scheme SHA256: Input length isn't  
>> valid (0 instead of 32)
>> Jul 22 18:41:00 www dovecot: message repeated 2 times: [ auth:  
>> Error:  
>> passwd-file(test at domain.com,46.xxx.xxx.xxx,<fGoHUuxU6IAu9j4y>):  
>> Password data is not valid for scheme SHA256: Input length isn't  
>> valid (0 instead of 32)]
>> Jul 22 18:41:02 www dovecot: imap-login: Disconnected (auth failed,  
>> 3 attempts in 14 secs): user=<test at domain.com>, method=PLAIN,  
>> rip=46.xxx.xxx.xxx, lip=139.xxx.xxx.xxx, TLS,  
>> session=<fGoHUuxU6IAu9j4y>
>>
>> What does "Password data is not valid for scheme SHA256: Input  
>> length isn't valid (0 instead of 32)]" mean? I assume that there is  
>> some kind of a mismatch between the way I generated the password  
>> with doveadm and entered it in passwd.db and the way I entered the  
>> non-hashed password into the password field in the new account  
>> section of Thunderbird.
>
> It means that dovecot expacts to verify a 32 byte long password  
> hash. What it detects has a size of 0 byte. You haven't shown an  
> example line of your passwd.db file, but I would guess you build it  
> up not correct.
>
> See
>
> https://wiki.dovecot.org/Authentication/PasswordSchemes
>
> Alexander

Thank you for your reply. My /etc/dovecot/passwd.db shows:

test at domain.com:
{SHA256}tdA2DIOZhwLOKVxA2WiOY0oy9GB8A6baW/okY+DTFi0=

I'm not sure what could be wrong with this file. It is a plain text  
file created in vim.

Permissions:

-rw-r--r-- 1 root root 70 Jul 23 19:14 /etc/dovecot/passwd.db

In Thunderbird, I simply enter the text equivalent of the SHA256 in  
the "password" field when creating a new account.

Do you - or anyone else - have another suggestion? Many thanks!



-------------------------------------------------

ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!  
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!

More information about the dovecot mailing list