Authentication Problem
Odhiambo Washington
odhiambo at gmail.com
Thu Dec 20 14:33:44 EET 2018
On Thu, 20 Dec 2018 at 15:23, Aki Tuomi <aki.tuomi at open-xchange.com> wrote:
>
> On 20 December 2018 at 14:10 Odhiambo Washington < odhiambo at gmail.com>
> wrote:
>
>
> You've made this more difficult to understand, even :-)
>
> So the answer is:
> Set the following in 10-auth.conf
>
> 1. disable_plaintext_auth = no
> 2. auth_mechanisms = plain
>
> And yes, the encrypted passwords are stored in MySQL.
>
>
> You cannot use hashed passwords with digest-md5 mechanism.
>
> Aki
>
So, for the record, whenever passwords are hashed, digest-md5 should be
disabled/removed from auth_mechanisms.
My question though - for purposes of understanding - how does dovecot take
the sent password from a client and match it against the hashed one stored
in the DB (in my case)? What happens in between the process?
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20181220/7fc8314b/attachment.html>
More information about the dovecot
mailing list