Percent character in mail_crypt_private_password not possible
mabi at protonmail.ch
Tue Jul 2 23:27:43 EEST 2019
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, July 2, 2019 6:32 PM, Aki Tuomi via dovecot <dovecot at dovecot.org> wrote:
> I don't actually recommend using password directly from user as password for private keys, I recommend running them thru some hash / pkcs5 before that.
That's a great idea and makes things even safer. I don't know much about PKCS5 but would SHA512 also be safe enough for hashing the password?
SHA512 would then generate a 128 characters hash which I would then pass to the parameter "-o plugin/mail_crypt_private_password=" of my "doveadm mailbox cryptokey generate ..." command.
More information about the dovecot