You have a typo in your SQL statement it should be ,sha not .sha
On 5/3/2016 1:07 PM, Carl Jeptha wrote:
Just tried to run it on the "Live" database, the simulation found all
the rows, but when I ran the query I got this error (still trying to see
what mus be changed):
|#1064 - You have an error
Just make sure it says:
WHERE password IS NULL OR password='';
With no space between the quote marks, this way it matches an empty string
On 05/03/2016 12:29 PM, Carl Jeptha wrote:
> Thank you,
> Due to changes I had to make to let password_query work, I think your "quick"
> version should be
The script I sent you should do the job of populating your cryptpwd column with
a SHA512-CRYPT version of the clearpwd column.
The only reason why you would bother with a perl script is to get a better
quality salt from /dev/urandom
If you don't care so much about the quality of the salt, you can
Oh, you uppercased PASSWORD again.
Change:
IF(cryptpwd IS NULL OR cryptpwd=' ', CONCAT('{PLAIN}',clearpwd), cryptpwd) AS
PASSWORD
To:
IF(cryptpwd IS NULL OR cryptpwd=' ', CONCAT('{PLAIN}',clearpwd), cryptpwd) AS
password
and again, try to understand what's going on here.
On 05/03/2016 08:0
Drop this from the end of your query:
AND cryptpwd = password ('%w')
and Steffen is right, it wouldn't hurt you to get a better understanding of the
principles at work here.
Nothing in this thread has had anything to do with dovecot so far.
On 05/03/2016 08:08 AM, Carl Jeptha wrote:
> 1. Auth
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 3 May 2016, Carl Jeptha wrote:
OK QUERY is WORKING ("password_query" relies on having a field/column
"password', hence the addition under WHERE):
password_query = \
SELECT username AS USER, \
IF(cryptpwd IS NULL OR cryptpwd=' ', CONC
On 05/02/2016 05:32 AM, Carl Jeptha wrote:
> May 2 05:26:03 |** dovecot: auth-worker(3442): Error:
> sql(u...@domain.tld,xxx.xxx.xxx.xxx): Password query must return a
> field named 'password'
I'm not sure, maybe it's checking case-sensitive. Your query returns PASSWORD.
Make it lowercase.
>
That one is there to close the left one after IF
Sent from my Samsung device
Original message
From: Christian Kivalo
Date: 2016-05-02 11:58 (GMT+02:00)
To: dovecot@dovecot.org
Subject: Re: Changing Password Schemes
On 2016-05-02 11:32, Carl Jeptha wrote
On 2016-05-02 11:32, Carl Jeptha wrote:
password_query = \
SELECT username AS USER, \
IF(cryptpwd IS NULL OR cryptpwd='', CONCAT('{PLAIN}',clearpwd),
cryptpwd) AS PASSWORD, \
'/var/vmail/%d/%n' as userdb_home, \
'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 8
You do need to complete the query. Don't just replace your query with the one I
wrote. You have to have a WHERE clause, and you might need to return other
fields.
Keep the password query you had before, just replace the 'password' column with
"IF( ... ) as password"
The query as you have it now
First of all, you can probably go online before you convert all passwords. You
can modify your query in dovecot-sql.conf.ext to something like the following:
SELECT IF(crypt_pass IS NULL OR crypt_pass='', CONCAT('{PLAIN}',plain_pass),
crypt_pass) as password FROM mailuser ..
This is assuming th
Sorry not truncated:
{SHA512-CRYPT}$6$wEn1UFuiMzl9OSjd$Vh/PZ95WDID1GwI02QWAQNNfY5.Rk9zcSetYTgRfo4SPKf8qzMXsruvvS8uaSUidlvwDTLLSr3cVsQx2e6cu2/
You have a good day now, en mag jou môre ook so wees,
Carl A Jeptha
On 2016-04-30 14:58, Patrick Domack wrote:
This looks good, except it is
This looks good, except it is truncated, it should be something like
95chars long, Is your hash column set to 128 or up around there or
larger?
Quoting Carl A Jeptha :
Sorry for double reply, but this what a password looks like in the
"hashed" password column:
{SHA512-CRYPT}$6$wEn1UFuiMz
Sorry for double reply, but this what a password looks like in the
"hashed" password column:
{SHA512-CRYPT}$6$wEn1UFuiMzl9OSjd$Vh/PZ95WDID1GwI2
You have a good day now, en mag jou môre ook so wees,
On 2016-04-30 01:14, Gedalya wrote:
That's not SHA512-CRYPT. That's just a simple s
The database is MySQL.
You have a good day now, en mag jou môre ook so wees,
Carl A Jeptha
On 2016-04-30 01:14, Gedalya wrote:
That's not SHA512-CRYPT. That's just a simple sha512 of the password, without
salt.
A SHA512-CRYPT password will be generated with:
printf "1234\n1234"
That's not SHA512-CRYPT. That's just a simple sha512 of the password, without
salt.
A SHA512-CRYPT password will be generated with:
printf "1234\n1234" | doveadm pw -s SHA512-CRYPT
or:
doveadm pw -s SHA512-CRYPT -p 1234
or:
mkpasswd -m sha-512 1234
(without the "{SHA512-CRYPT}" prefix)
Wha
Hi Bill,
using PHPMYAdmin:
UPDATE 'mailbox' SET 'password' = SHA2 ('clearpwd',512);
{UPDATE 'the users table' SET 'cryptic password column' = SHA2 ('clear
text password column',512);}
gives this error:
#1064 - You have an error in your SQL syntax; check the manual that
corresponds to your MySQL
Thanks for insight Bill, will look at that and report back.
You have a good day now, en mag jou môre ook so wees,
Carl A Jeptha
On 2016-04-29 21:20, Bill Shirley wrote:
Looks like an SQL update would do this:
UPDATE `users`
SET `passwd_SHA512` = SHA2(`passwd_clear`, 512);
Bill
O
Looks like an SQL update would do this:
UPDATE `users`
SET `passwd_SHA512` = SHA2(`passwd_clear`, 512);
Bill
On 4/29/2016 9:07 AM, Carl A Jeptha wrote:
converting the passwords in the database from clear/plain text to SHA512-CRYPT
You have a good day now, en mag jou môre ook so we
converting the passwords in the database from clear/plain text to
SHA512-CRYPT
You have a good day now, en mag jou môre ook so wees,
Carl A Jeptha
On 2016-04-29 15:02, Steffen Kaiser wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 29 Apr 2016, Carl A Jeptha wrote:
Yes, but the machine is very old, can't more memory (maxed out) hard
drive size maxed out.
But we cannot keep on going plain text password saved in the database,
that is asking for trouble to happen, which (touch wood) has not
happened yet.
You have a good day now, en mag jou mô
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 29 Apr 2016, Carl A Jeptha wrote:
Good Day,
I have been following this tutorial without much luck -
http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes#CA-26af2b83a43b8100522c57565773f605c21f2f27_1
It is obvious to me that I am not foll
On 4/29/2016 5:58 AM, Carl A Jeptha wrote:
> I have an old postfix + dovecot + Roundcube mailserver
> (mail.domain.Tld). Server clock is loosing time and adjusting it causes
> dovecot to kill itself, we cannot install more memory, bigger
> hard-drives, etc.
>
> I have built a new server box
We
Good Day,
I have been following this tutorial without much luck -
http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes#CA-26af2b83a43b8100522c57565773f605c21f2f27_1
It is obvious to me that I am not following the instructions correctly
and need to be shown what I am misunderstanding.
I have
24 matches
Mail list logo
