Hi, Just my thoughts,
I think what "salted SHA" means is that when you create a password, even if the password has got the same strings of alphanumerical characters and symbols, it creates a different hash every time. s. --- On Sun, 31/1/10, Timo Sirainen <[email protected]> wrote: > From: Timo Sirainen <[email protected]> > Subject: Re: [Dovecot] sha-512 ... shadow blended with database > To: "WJCarpenter" <[email protected]> > Cc: "Dovecot Mailing List" <[email protected]> > Date: Sunday, 31 January, 2010, 4:55 > On 30.1.2010, at 22.39, WJCarpenter > wrote: > > > I have two populations of dovecot users. Some > users have Unix accounts (with logins disabled), and so > their password hashes are stored in /etc/shadow. These > days, the default configuration for that is salted > SHA-512. It's easy for me to change that scheme to > something else if I want to, but the important fact is that > I already have some users with passwords in salted > SHA-512. The other population of users is purely > virtual, and their password hashes are stored in a MySQL > database in SHA-1 format (unsalted, but moving to salted > wouldn't be a big deal). The database also has a > column identifying the hash scheme, so SHA-1 isn't some > assumption. > > By salted SHA-512 do you mean the $6$salt$sha format that > glibc uses? If so, you can use CRYPT scheme, which causes > Dovecot to use crypt() function.. Then assuming you're using > new enough glibc, it understands it. > >
