Re: [courier-users] Migrating plain text to encrypted passwords

--===============1772261643==
Content-Type: multipart/signed; boundary="nextPart3502881.n2hacm5kUH";
protocol="application/pgp-signature"; micalg=pgp-sha1
Content-Transfer-Encoding: 7bit

--nextPart3502881.n2hacm5kUH
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Hi.

Am Freitag, 15. Februar 2008 schrieb Gordon Messmer:
> Having the plain text password allows you to use the CRAM-*
> authentication methods, which may offer additional security. In any
> case, it allows for more flexible authentication options, and I wouldn't
> be too quick to give that up.

Let me hook in here. CRAM would be able to offer with an intermediate hash=
=20
value computet when the user sets his password. I don't know the background=
s=20
here, but when reading about SASL v1.5, they talk about such things.

Would this behaviour be possible to achieve with courier? Is it planned?


> > a) What function does the authmysql module use to encrypt the password
> > that the client provides?
> I don't think that it does. As far as I know, you need to use the
> system's crypt() function.

I don't know which types of hashing are supported, but I use salted-MD5 as=
=20
unix shadow-passwords use.
They can be created by several programming languages but not by MySQL itsel=
f.


> > b) Is it just a matter of using something like phpmyadmin to dump the
> > clear passwords in to the encrypted password fields via the function in
> > answer a)?
> No.

But it can be done by a script (python, perl, PHP, ...) that iterates over =
all=20
accounts and transforms passwords.

cu, Bernd

=2D-=20
Die Grunds=E4tze des Beamtenrechts k=F6nnen in Deutschland nur mit einer
blutigen Revolution beseitigt werden.
- J=FCrgen R=FCttgers (dt. Politiker)

--nextPart3502881.n2hacm5kUH
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.7 (GNU/Linux)

iQIVAwUAR7VpFg0b18vi86Q/AQK81hAAh+hQpqK8QapJd4fUsOVpnW9LYx6uyxZ/
9FRfOvCRMannDagqF8cgSo0Bn+NhuRHW6LhIMPwKGgvBY/cykfIHtWwB3WEk4QpM
5uNlUKxz+/ZtrKVBv2HquFcgq/jv8kl85ig9bu6f8XqojDW82zlv3kJhnIV3mN1C
FGUtUe2eBihObe5Y3SUhIc3j7t74KAOQPJGZil3OxyYYtPkpEx PoVA+OWlE74lDY
HgtBXQSnNaM8/ouUt7cGCtwyaP6RMbNvROBOZKjA4FI6xMtm5DFAF5CvNrREKPM e
H0f0vOatXHvx/rxZn4uClVbkqU0/hhiMR00NA3p3GgDyuf8vDoML7AXn5KHobvNR
e2VqYjv1Y1E/1pnjNuq6Uft2CIErHVC2R/s/niKeucFCSim275XFldvxho52AnUS
9e+LkZ2IJDdY2Ox/8k71L+7gZFFRf37axRwFcdrZ5kUG+A+p8uohpNj/s9zOe3Vf
yLtWMxZhN+1K9SRIV4EmfCgGpsz7WbK9BY9FsvSuWh0GbBxFPo yidD8xA77J4af5
1GS4TP6xIu5L88flhjcEtK1jf1LDkBYy1HM6AY395pm1XHiLCX w1y83q+uI/K7Gr
qXZDqfm+IgDnyAoLxTvccoiz/0PCVp8GoCptcuQcMslsW8AVv/Yh4G1PNwGeGskf
UHjyvlUAUgQ=
=wrN+
-----END PGP SIGNATURE-----

--nextPart3502881.n2hacm5kUH--


--===============1772261643==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
--===============1772261643==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/.../courier-users

--===============1772261643==--