2008/12/28 Sam Varshavchik <[email protected]>: > Juan Miscaro writes: > >> Hi, when setting up a new user in my Postfix/MySQL/Courier system I >> need to set up a crypt() password. I would like to use authpasswd but >> I must be missing something fairly simple. The same cleartext >> password gives me different hashes. Can someone clarify this for me? >> >> $ authpasswd crypt >> Password: >> Reenter password: >> {CRYPT}ohlceCfiQWTgs >> >> ad...@hermes:~ $ authpasswd crypt >> Password: >> Reenter password: >> {CRYPT}FwcjiaHYJiKCk > > This is correct. crypted passwords are salted. The first two characters of a > crypted-password is a random salt value that's factored into the encrypted > content.
So courier-authdaemon does not have any trouble verifying an incoming password with an available/stored crypt hash? > Note, however, that crypt() limits passwords to eight characters. This is an > extremely old password encryption function that should not be used any more. > Use other hash functions that support longer passwords. Noted. md5 is preferred I presume. However, since I am using the mysql module of authdaemon I have the authmysqlrc file. In there I have this line: MYSQL_CRYPT_PWFIELD crypt I don't see any comments in the file regarding the use of md5. /juan ------------------------------------------------------------------------------ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
