Authentication Problem
Nikolai Lusan
nikolai at lusan.id.au
Thu Dec 20 12:35:08 EET 2018
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Greetings
On Thu, 2018-12-20 at 12:20 +0300, Odhiambo Washington wrote:
> I am using SHA512-CRYPT scheme for passwords.
Yeah, there is a reason MD5 has been preferred to crypt for a very long
time now, and the SHA512 isn't really any better.
> In my dovecot-sql.conf.ext, I have: default_pass_scheme = CRYPT
>
> In 10-auth.conf, I have:
> auth_mechanisms = plain login digest-md5
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> M$ Outlook is refusing to authenticate, with error: Requested DIGEST-MD5
> scheme, but we have only CRYPT
> What an I missing??
You are not advertising 3 possible auth methods, I am assuming that plain
will use the SQL extension. Unless you are going to setup a digest-md5
method I would remove it from the advertised methods as most clients will
default to a digest method before selecting plain. Unless you control all
the clients and can configure them to only use the plain method of auth (I
would also be ensuring that you have TLS enforced in some way for this)
then removal of the digest method is probably the best fix.
If the plain and/or login methods are failing check your sql config
includes the passdb and userdb sections.
- --
Nikolai Lusan <nikolai at lusan.id.au>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEVfd4GW6z4nsBxdLo4ZaDRV2VL6QFAlwbcFwACgkQ4ZaDRV2V
L6T7IxAAjTQQfVngYU92oNfORwIeL6e9YZtvlLfo7V6d2PSgnzJ2Tdzyo2YA4AGy
eApc9SoJra8IVzanv+s6yl0BJ/EXez/ugdZ5DEUzYTf7b1AVMnUYOKkCi4HeOzzx
zttLF/Hd5ovwDRB1StNa5c1dsrN5lfwZy/cFwK+zOWwEZDBpYq3/y+IjsbWhCcW1
DVbrSshOUaFqZwRE7MFPHiwsyNxhiG8cciglgUKf5HdRaiwx5E1Xy9gASxaqrdqg
GZpGbI7C8sAr92OvTvZlwThSOM6+aSgGIOATRS9S1Lh9x9H14ya1LtOE9XELSQPl
gDI/HJKBym7D8BsnEPSZ+THRwWGQ6QyACZUN8q5OZMEyzS2AGECnSTYMgv4LjqBZ
VbAaPZBAkhsuzVoWsd4xKiN9Qv3wQykDsSq6yahqiDzTXbsCA8HPMEQvw3hISttq
WHdibiBP8cm2/8cz+8PM1+3Q08JMVRqmDLEIQ61gmg8UWhpCPbE3royBkHaj6wOR
GeK4mG3cwYQu0JsoKDsFr7EvABErVRzrvkiMgnz/ivORkJVVtmxyYmG4t5VIT8FD
Hq6A/c1VJ/GYLNHNWRFMRfiXIJB7fM6K0NWK1EN34QoHNbwb5qSL+c6t/BZ5BpzK
c9zkU31FTqtSabUHzNPje6hzHMi5eZLhcH/MCZhD3Xv5+Gwxdug=
=LQQ1
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list