dovecot and argon2 encryption
Larry Rosenman
larryrtx at gmail.com
Tue Dec 4 14:22:15 EET 2018
On 12/4/18, 1:14 AM, "dovecot on behalf of Aki Tuomi" <dovecot-bounces at dovecot.org on behalf of aki.tuomi at open-xchange.com> wrote:
On 3.12.2018 22.24, Jerry wrote:
> I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed.
> I was playing around with different encryption schemes.
>
> doveadm pw -l
> SHA1 SSHA512 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA RPA DES-CRYPT CRYPT SSHA
> MD5-CRYPT SKEY PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 LANMAN SHA512-CRYPT CLEAR
> CLEARTEXT SSHA256 NTLM MD5 PBKDF2 SHA256 CRAM-MD5 PLAIN-TRUNC SHA256-CRYPT
> SMD5 DIGEST-MD5 LDAP-MD5
>
> There is no mention of "argon2" shown. Now, from the command line I can enter
> this command:
>
> ~ $ echo -n "Secret-Password" | argon2 somesalt
> Type: Argon2i
> Iterations: 3
> Memory: 4096 KiB
> Parallelism: 1
> Hash:
> e6432f595e999988c7c54c30d530b0fc7d9953510e5ccf295359258f4ea22a3d
> Encoded:
> $argon2i$v=19$m=4096,t=3,p=1$c29tZXNhbHQ$5kMvWV6ZmYjHxUww1TCw/H2ZU1EOXM8pU1klj06iKj0
> 0.039 seconds Verification ok
>
> However, this fails:
>
> doveadm pw -p "Secret-Password" -s argon2
> Fatal: Unknown scheme: ARGON2
>
> I have tried different ways to enter "argon2", but nothing works. Can
> someone tell me what I am doing wrong?
>
> Thanks :)
>
Argon support is present if dovecot is compiled with `--with-sodium` and
you have sodium development packages installed.
Aki
I'm the dovecot maintainer for FreeBSD, and I just committed an update to the port to include a libsodium option.
More information about the dovecot
mailing list