Ken Jones wrote:

David Erickson wrote:

So since it uses crypt, which isn't md5, there is no way for me to convert it to an md5. I guess the best thing to do then is just to store the pw's as plain text, then convert them to whatever I need to, to operate with my other systems? Or is there a patch to have vpopmail store them as md5's?

Right, crypt uses DES. I had that confused with MD5.
For the smtp auth, that requires MD5, we store the clear text password.

I'm not aware of anyone who's written code to use MD5 encrypted passwords.


The old crypt function used DES, the new crypt function uses MD5. Vpopmail will authenticate against either type stored in the vpasswd file (or mysql table).

It can do this because all MD5 encrypted passwords start with $1$, if it doesn't then it's the old DES standard.

Now the question that was originally asked I believe was if the MD5 encrypted passwords are compatible with an MD5 hash. My answer is I don't know :) A quick test would be to take an MD5 encrypted password from vpopmail, strip off the $1$ and use that as your comparison against a standard MD5 hash.



Reply via email to