On 8/12/07, Sam Varshavchik <[EMAIL PROTECTED]> wrote:
> Lisa Muir writes:
>
> > Hi,
> >
> > I have a courier-mta config working with authldap
> >
> > I set the users up with SHA1 hashed passwords. If the users change the
> > passwords through sqwebmail as I instruct them to, the new passwords
> > get {crypt} hashed.
> >
> > To the best of my knowledge / recollection, that limits the passwords
> > to the first 8 characters entered, whereas sha1 doesn't. Is there
> > anyway to configure auth_password (i think this is the culprit) to use
> > sha1 instead of crypt?
>
> The new password should use the same hash function as the old password. It's
> going to be {crypt} only if authlib does not recognize the old password
> format. Give a specific example of an existing password.
Here's what I had in the original password (as retrieved by authtest):
Encrypted Password: {SSHA}0mzmds/alGA8jaRnrM49GDCdi+vJHiGS
Here's what it changed it to from sqwebmail (courier 0.56.0.20070804):
Encrypted Password: {CRYPT}BcWX5nxNGZ./A
Now... i went to re-create that with a dummy passowrd so that I could
give you the cleartext, and I discover that I've no idea where I
copied the original hash from and can't see how I made it on this
system. Maybe that is the issue.
The cleartext password is also in the LDAP, so maybe authtest is
authenticating against that and ignoring the orignal hash.... I try it
again with SMD5 and see how I get on.
Lisa.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
