I have two populations of dovecot users. Some users have Unix accounts (with
logins disabled), and so their password hashes are stored in /etc/shadow.
These days, the default configuration for that is salted SHA-512. It's easy
for me to change that scheme to something else if I want to, but the important
fact is that I already have some users with passwords in salted SHA-512. The
other population of users is purely virtual, and their password hashes are
stored in a MySQL database in SHA-1 format (unsalted, but moving to salted
wouldn't be a big deal). The database also has a column identifying the hash
scheme, so SHA-1 isn't some assumption.
By salted SHA-512 do you mean the $6$salt$sha format that glibc uses? If so,
you can use CRYPT scheme, which causes Dovecot to use crypt() function. Then
assuming you're using new enough glibc, it understands it.
Ah, I didn't realize that. Yes, that's exactly what I meant, and the
glibc will be on an identically-configured system to the one where the
$6$ shadow entries were created. Thanks for the info.
