change mailuser password hash algorithm


gring
9th April 2009, 02:05
Hi,

Where can I set the hash algorithm used to store the mailusers passwords (and ftp users too)?

I'd like to store them in clear instead of crypt, for future migrations.

And by the way, where can I find a list of the "special words" ( [domain], [client_id] etc...) that are usable in the server config menu?

Thanks

till
9th April 2009, 10:14
Where can I set the hash algorithm used to store the mailusers passwords (and ftp users too)?

The algorithm can be set in the form definition file of the interface form, e.g. the mail user form.

I'd like to store them in clear instead of crypt, for future migrations.

It is a very big security risk and you should not do this.

And by the way, where can I find a list of the "special words" ( [domain], [client_id] etc...) that are usable in the server config menu?

There is no such list.

gring
10th April 2009, 01:57
Hi Till, Thanks for your answer.

For those who want to do the same thing, look for the file

mail_user.tform.php

and then, inside the file, look for "CRYPT" and replace it by "CLEARTEXT"

Now, I will try to make the list of the special words and post it in the forum.

Thanks!

gring
18th April 2009, 19:55
Note that, when using Courier, you have to:

edit courier's mysql auth config file (/etc/courier/authmysqlrc in Debian / Ubuntu)

comment the line "MYSQL_CRYPT_PWFIELD password"
and uncomment the line "MYSQL_CLEAR_PWFIELD password"

gring
22nd July 2009, 02:55
Hm... This creates a problem with Postfix SASL auth.

The file /etc/postfix/sasl/smtpd.conf contains the configuration for SMTP authentication, but I can't find where the mail_user's password hash algorithm is defined.

gring
22nd July 2009, 04:14
One dirty way would be to modify the SQL command in /etc/postfix/sasl/smtpd.conf to make MySQL crypt the password when asked for it, but how do I do that? encrypt(password) doesn't seem to work...

help!

gring
22nd July 2009, 04:21
Setting "crypt=0" in the two lines of /etc/pam.d/smtp seems to do the trick...

till
22nd July 2009, 09:32
Please be aware that this is very insecure! ISPConfig encrypts the passwords with crypt and salt to ensure that nobody can decrypt them. If you store them unencrypted and someone hacks your server, he will get all passwords in a format that he might use to attack other services, as many people tend to use the same password for different websites.

gring
15th January 2010, 04:46
Hm, I tried to install the Roundcube password plugin, but the passwords are stored encrypted through it.

What should I change so the mail_user passwords are stored in CLEARTEXT? Is it in ./interface/lib/classes/remoting_lib.inc.php ?

Thanks!

till
15th January 2010, 11:58
You should never store user passwords in cleartext. Storing passwords in cleartext is a security nightmare, so never do this. Users tend to use the same password for a lot of things, so if someone hacks your server or gets access to your database, then he might get passwords for e.g. PayPal or other payment-related things in cleartext too.

gring
15th January 2010, 16:11
I'm very aware of that, but this is for a small, particular server, where the users don't put their secure passwords and use these accounts only for particular purposes. It's not something I would do on a large server with a lot of people.

Anyway, for a big server, I would instead store the passwords with a reversible encryption (like many installations of vpopmail) with a key stored out of the database, or send the passwords to a write only and secured database before encrypting them.
So, it would still be good to know how to set the hash algorithm.

till
16th January 2010, 12:20
You will have to set the encryption in the form files to cleartext.

Anyway, for a big server, I would instead store the passwords with a reversible encryption (like many installations of vpopmail) with a key stored out of the database, or send the passwords to a write only and secured database before encrypting them.

That's not secure either, as a hacker can simply use the master password to decrypt the user passwords. It's a bit safer than cleartext but still nothing that should be used on a production system. Or you need a good insurance if your users start to sue you, and you should ask your insurance first whether they would even pay when you use a reversible encryption ;)
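The two storage schemes argued over in this thread (a cleartext column versus a salted hash) and the "future migration" motivation from the opening post can be reconciled without ever keeping cleartext: verify the candidate password against whatever format the row currently holds, and on a successful login re-hash it with the scheme you are migrating to, because at that moment the cleartext is in memory anyway. The following is an added editorial example, not code from ISPConfig, Courier, Postfix or any poster here. It uses PBKDF2-HMAC-SHA256 from the Python standard library in place of crypt(3), and the `{CLEARTEXT}` / `{PBKDF2-SHA256}` prefixes on the stored value, the `SAMPLE_DB` rows and the `login()` helper are assumptions made for the illustration.

```python
# Added example (editorial; not ISPConfig's, Courier's or a poster's code).
# One verifier that understands a cleartext row and a salted-hash row, plus a
# login hook that upgrades a row to the current scheme on the next successful
# login. PBKDF2-HMAC-SHA256 stands in for crypt(3); the '{SCHEME}' prefix
# convention and the sample rows are assumptions for the example.
import base64
import hashlib
import hmac
import os
from typing import Optional

PBKDF2_ROUNDS = 200_000            # assumed work factor for newly written hashes
_PREFIX_CLEAR = "{CLEARTEXT}"
_PREFIX_PBKDF2 = "{PBKDF2-SHA256}"


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def hash_password(password: str, salt: Optional[bytes] = None,
                  rounds: int = PBKDF2_ROUNDS) -> str:
    """Return a self-describing salted hash: {PBKDF2-SHA256}$rounds$salt$dk."""
    if salt is None:
        salt = os.urandom(16)        # fresh random salt per password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return "%s$%d$%s$%s" % (_PREFIX_PBKDF2, rounds, _b64(salt), _b64(dk))


def verify(password: str, stored: str) -> bool:
    """Check a candidate password against a stored value in either format.

    Both comparisons go through hmac.compare_digest so the time taken does not
    leak how many leading bytes matched. Unknown or malformed rows fail closed.
    """
    if stored.startswith(_PREFIX_CLEAR):
        expected = stored[len(_PREFIX_CLEAR):].encode("utf-8")
        return hmac.compare_digest(password.encode("utf-8"), expected)
    if stored.startswith(_PREFIX_PBKDF2):
        try:
            _, rounds_s, salt_b64, dk_b64 = stored[len(_PREFIX_PBKDF2):].split("$")
            rounds = int(rounds_s)
            salt = base64.b64decode(salt_b64)
            expected = base64.b64decode(dk_b64)
        except ValueError:           # binascii.Error is a ValueError subclass
            return False
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                        salt, rounds)
        return hmac.compare_digest(candidate, expected)
    return False                     # never fall back to a cleartext compare


def is_current_scheme(stored: str) -> bool:
    return stored.startswith(_PREFIX_PBKDF2)


def login(db: dict, user: str, password: str) -> bool:
    """Authenticate; on success, migrate the row to the current scheme.

    This is the migration path: the cleartext the new hash needs is the one
    the user just typed, so the table never has to hold it.
    """
    stored = db.get(user)
    if stored is None or not verify(password, stored):
        return False
    if not is_current_scheme(stored):
        db[user] = hash_password(password)
    return True


# Constructed sample rows standing in for the mail_user table: one account
# stored in cleartext (the thread's setup), one already hashed with a fixed
# salt so the row is reproducible.
SAMPLE_DB = {
    "alice@example.com": _PREFIX_CLEAR + "correct horse",
    "bob@example.com": hash_password("battery staple", salt=b"0123456789abcdef"),
}

if __name__ == "__main__":
    db = dict(SAMPLE_DB)
    print(login(db, "alice@example.com", "wrong"))            # False, row untouched
    print(login(db, "alice@example.com", "correct horse"))    # True, row now hashed
    print(is_current_scheme(db["alice@example.com"]))         # True
    print(login(db, "bob@example.com", "battery staple"))     # True
```

The order of checks matters: a row is only rewritten after `verify()` succeeded, so a failed guess never changes what is stored, and an unrecognised prefix is rejected rather than compared as cleartext. Once every row has been upgraded the `{CLEARTEXT}` branch can be deleted.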