Using SHA256/512 for SQL based password
Robert Moskowitz
rgm at htt-consult.com
Wed Feb 20 15:10:51 EET 2019
On 2/19/19 1:50 AM, Aki Tuomi via dovecot wrote:
>
>
> On 17.2.2019 10.46, Aki Tuomi via dovecot wrote:
>>
>>> On 17 February 2019 at 10:38 Odhiambo Washington via dovecot <
>>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote:
>>>
>>>
>>> On Sun, 17 Feb 2019 at 11:34, Marc Weustink via dovecot <
>>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>>
>>> wrote:
>>>
>>>> Jean-Daniel Dupas via dovecot wrote:
>>>> >
>>>> >
>>>> >> Le 13 févr. 2019 à 14:54, Robert Moskowitz via dovecot
>>>> >> < dovecot at dovecot.org <mailto:dovecot at dovecot.org> <mailto:
>>>> dovecot at dovecot.org <mailto:dovecot at dovecot.org>>> a écrit :
>>>> >>
>>>> >>
>>>> >>
>>>>
>>>> >>> ARGON2 support is added in dovecot v2.3. It also needs to be
>>>> enabled
>>>> >>> when compiling dovecot, so varying from packagers it might or
>>>> not be
>>>> >>> available. The CRYPT ones are available if crypt(3) supports
>>>> them. In
>>>> >>> dovecot v2.3 we have added bcrypt support regardless of crypt(3)
>>>> support.
>>>> >>
>>>> >> CentOS7 is on dovecot 2.2.36:
>>>> >>
>>>> >> # doveadm pw -s ARGON2-CRYPT -p secret
>>>> >> Fatal: Unknown scheme: ARGON2-CRYPT
>>>> >> # doveadm pw -s ARGON2 -p secret
>>>> >> Fatal: Unknown scheme: ARGON2
>>>> >>
>>>> >> I tend to stay with the distro's rpms and not take on building and
>>>> >> maintaining myself.
>>>> >
>>>>> And for the record, the hash names are ARGON2I and ARGON2ID (see
>>>>> doveadm
>>>>> pw -l )
>>>>> With dovecot from the dovecot.org < http://dovecot.org> repo:
>>>>> # doveadm pw -s ARGON2I -p secret
>>>> {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$bt96TSr3nVrho2SRhnNP0A$h7LYiqkw/4s6d1d+0Xpe+VUE3aISPnkYq/R7QqPRntk
>>>>
>>>> Also from dovecot.org < http://dovecot.org> repo:
>>>> doveadm pw -s ARGON2I -p secret
>>>> Fatal: Unknown scheme: ARGON2I
>>>> ????
>>>> Marc
>>>
>>> It works for me over here:
>>>
>>> [wash at waridi ~]#/opt/dovecot2.3/bin/doveadm pw -s ARGON2I -p secret
>>> {ARGON2I}$argon2i$v=19$m=32768,t=4,p=1$9pggnQBea9F3h3O31HoJEA$0zZZgwEuMRVZ3Mc/v6ckpalzVRVCr+GLBWnb8OrgsxU
>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Odhiambo WASHINGTON,
>>> Nairobi,KE
>>> +254 7 3200 0004/+254 7 2274 3223
>>> "Oh, the cruft.", grep ^[^#] :-)
>>
>> I'll check next week if and why argon is missing from ce packages.
>> ---
>> Aki Tuomi
>
> Marc,
>
> ARGON2 is supported only on Debian Stretch and Ubuntu 18 for dovecot,
> due to libsodium.
>
libsodium does not help with CentOS7 and Dovecot 2.3:
Installing :
libsodium-1.0.17-1.el7.armv7hl 1/1
Verifying :
libsodium-1.0.17-1.el7.armv7hl 1/1
Installed:
libsodium.armv7hl 0:1.0.17-1.el7
Complete!
[root at klovia ~]# doveadm pw -s ARGON2I -p secret
Fatal: Unknown scheme: ARGON2I
[root at klovia ~]# doveadm pw -l
MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN
CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5
PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY RPA PBKDF2 CRYPT
SHA256-CRYPT SHA512-CRYPT
Previously installed argon2:
grep -n argon /var/log/yum.log*
/var/log/yum.log:128:Feb 13 09:01:01 Installed:
libargon2-20161029-2.el7.armv7hl
/var/log/yum.log:129:Feb 13 09:01:01 Installed:
argon2-20161029-2.el7.armv7hl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190220/ee964bd1/attachment-0001.html>
More information about the dovecot
mailing list