Hello,
I have a question regarding the password field of the passwd-file [1].
According to the wiki, the password field assumes a {SCHEME} of CRYPT when the
{SCHEME} is not prefixed
to this field.
So, a passwd-file like:
user:password: . . .
… is equivalent to:
user:{CRYPT}password: . . .
Does that mean an example passwd-file with NEITHER {SCHEME} or password, like:
[email protected]:: . . . (note no scheme or password specified between
colons)
…means that the [email protected] user does not have any valid crypted password
and therefore the
[email protected] user cannot be authenticated ?
For example, if I use doveadm to create a null CRYPT password:
$ sudo doveadm pw -s CRYPT -p “” -u [email protected]
… gives the result:
{CRYPT}txR1JRq9140Qk
… which differs from the example password field having NEITHER {SCHEME} or
password, like:
[email protected]:: . . .
… so if I attempt to logon using a null password for [email protected] when
nothing is specified in the
password field for the passwd-file:
/etc/dovecot/passwd
[email protected]:: . . .
$ sudo doveadm auth test [email protected]
password:
passdb: [email protected] auth failed
… it is impossible to logon as [email protected] with ANY PASSWORD and/or a NULL
password ?
Thanks,
- J
Sources:
[1] https://wiki2.dovecot.org/AuthDatabase/PasswdFile
