'Re: [Proftpd-user] authenticate against password in mysql, created by password_hash function in php'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       proftpd-users
Subject:    Re: [Proftpd-user] authenticate against password in mysql, created by password_hash function in php
From:       Ian via Proftp-user <proftp-user () lists ! sourceforge ! net>
Date:       2018-04-07 21:36:00
Message-ID: 1271173401.176035.1523136960418 () mail ! yahoo ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


 Hello Catscrash,  
http://www.proftpd.org/docs/contrib/mod_sql_passwd.html   -- looks like it has \
support for SCRYPT but not BCRYPT.     We have successfully setup mod_sql_password / \
scrypt   running against postgres.     We also looked at bcrypt initially but never \
got it to work.  


    On Tuesday, March 20, 2018, 2:00:43 PM PDT, Catscrash <catscrash@catscrash.de> \
wrote:    
 Hi,

is it possible to authenticate proftpd against a mysql table, filled 
with passwords created by the php password_hash function? mod_sql or 
mod_sql_password don't seem to have a fitting option, but maybe I missed 
something?

http://de2.php.net/manual/en/function.password-hash.php - password will 
look something like 
"$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a"

2y is the marker for bcrypt algorithm, 10 is cost, 22 characters after 
last $ are salt, then hash


Thanks for any help

best regards!


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
ProFTPD Users List   <proftpd-users@proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
  


[Attachment #5 (text/html)]

<html><head></head><body><div style="font-family:Helvetica Neue, Helvetica, Arial, \
sans-serif;font-size:13px;"><div></div>  <div>Hello \
Catscrash,&nbsp;</div><div><br></div><div><a \
href="http://www.proftpd.org/docs/contrib/mod_sql_passwd.html" rel="nofollow" \
target="_blank" class="">http://www.proftpd.org/docs/contrib/mod_sql_passwd.html</a>&nbsp; \
-- looks like it has support for SCRYPT but not BCRYPT.&nbsp; &nbsp;We have \
successfully setup mod_sql_password / scrypt&nbsp; running against postgres.&nbsp; \
&nbsp;We also looked at bcrypt initially but never got it to \
work.&nbsp;<br></div><div><br></div><div><br></div>  
            <div id="ydp2258bb9byahoo_quoted_4105894942" \
                class="ydp2258bb9byahoo_quoted">
                <div style="font-family:'Helvetica Neue', Helvetica, Arial, \
sans-serif;font-size:13px;color:#26282a;">  
                    <div>
                        On Tuesday, March 20, 2018, 2:00:43 PM PDT, Catscrash \
&lt;catscrash@catscrash.de&gt; wrote:  </div>
                    <div><br></div>
                    <div><br></div>
                    <div><div dir="ltr">Hi,<br></div><div dir="ltr"><br></div><div \
dir="ltr">is it possible to authenticate proftpd against a mysql table, filled \
<br></div><div dir="ltr">with passwords created by the php password_hash function? \
mod_sql or <br></div><div dir="ltr">mod_sql_password don't seem to have a fitting \
option, but maybe I missed <br></div><div dir="ltr">something?<br></div><div \
dir="ltr"><br></div><div dir="ltr"><a \
href="http://de2.php.net/manual/en/function.password-hash.php " rel="nofollow" \
target="_blank">http://de2.php.net/manual/en/function.password-hash.php </a>- \
password will <br></div><div dir="ltr">look something like <br></div><div \
dir="ltr">"$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a"<br></div><div \
dir="ltr"><br></div><div dir="ltr">2y is the marker for bcrypt algorithm, 10 is cost, \
22 characters after <br></div><div dir="ltr">last $ are salt, then hash<br></div><div \
dir="ltr"><br></div><div dir="ltr"><br></div><div dir="ltr">Thanks for any \
help<br></div><div dir="ltr"><br></div><div dir="ltr">best regards!<br></div><div \
dir="ltr"><br></div><div dir="ltr"><br></div><div \
dir="ltr">------------------------------------------------------------------------------<br></div><div \
dir="ltr">Check out the vibrant tech community on one of the world's \
most<br></div><div dir="ltr">engaging tech sites, Slashdot.org! <a \
href="http://sdm.link/slashdot" rel="nofollow" \
target="_blank">http://sdm.link/slashdot</a><br></div><div \
dir="ltr">_______________________________________________<br></div><div \
dir="ltr">ProFTPD Users List&nbsp;  &lt;<a href="mailto:proftpd-users@proftpd.org" \
rel="nofollow" target="_blank">proftpd-users@proftpd.org</a>&gt;<br></div><div \
dir="ltr">Unsubscribe problems?<br></div><div dir="ltr"><a \
href="http://www.proftpd.org/list-unsub.html" rel="nofollow" \
target="_blank">http://www.proftpd.org/list-unsub.html</a><br></div></div>  </div>
            </div></div></body></html>



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

_______________________________________________
ProFTPD Users List   <proftpd-users@proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic