[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dovecot
Subject:    Re: [Dovecot] (no subject)
From:       Axel Luttgens <AxelLuttgens () swing ! be>
Date:       2013-07-07 13:10:55
Message-ID: 7105B8B0-905D-4CF4-A1CF-2FF72674F731 () swing ! be
[Download RAW message or body]

Le 7 juil. 2013 à 11:47, Dotan Cohen a écrit :

> [...]
> $ /usr/bin/doveadm pw -u user@someDomain.com -s DIGEST-MD5
> Enter new password: # Here I have typed "12345"
> Retype new password: # Here I have typed "12345"
> {DIGEST-MD5}f4e442b0dec5009eaa8b9b4104923edc
> $ printf "12345" | md5sum
> 827ccb0eea8a706c4c34a16891f84e7b  -
> $

Hello Dotan,

Note that md5sum calculates a hash similar to the one used by dovecot's MD5-PLAIN scheme:

	$ doveadm pw -s PLAIN-MD5 -p 12345
	{PLAIN-MD5}827ccb0eea8a706c4c34a16891f84e7b


> Shouldn't that password match the md5sum check?

As a result: no... ;-)

> [...]
> $ telnet mail.someDomain.com 143
> Trying x.x.x.x...
> Connected to mail.someDomain.com.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
> IDLE AUTH=PLAIN] Dovecot ready.
> a login user 12345
> [...]

I doubt this is a valid attempt:

- unless I'm wrong, the command should be authenticate (not login)
- the server doesn't seem to be configured for making use of digest-md5

You may find an example of such an authentication near the end of http://tools.ietf.org/html/rfc2831.
You might also have a look at http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5.

HTH,
Axel

[prev in list] [next in list] [prev in thread] [next in thread]