HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Courier/Postifx with SHA1/MD5 (http://www.howtoforge.com/forums/showthread.php?t=5952)

neil6179 2nd August 2006 15:03

Courier/Postifx with SHA1/MD5
 
Hello all,

I've been looking around on the web for a solution to this but I can't find anywhere that gives me a straight answer.

I setup a mail system as per the Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV) tutorial with the slight alteration that I used Debian Testing. This means I am using Postfix 2.2 and Courier IMAP 4.1. Most settings are pretty much identical in all other respects.

So my question is can I use a SHA1 or MD5 hash (preferably SHA1) to authenticate instead of using the MySQL ENCRYPT() function. That is to say in the tutorial the “password” field of the 'users' table will contain the SHA1/MD5 hash as opposed to the result of the ENCRYPT() function.

As far as I can tell the only two components that use the password are the Courier authentication and the SMTP-AUTH part of Postfix.

So can this be done? If so, how would I go about it?

On a second question can anyone tell me why these two commands result in a different hash?

Command: echo '<?php print sha1("password")."\n"; ?>' | php
Result: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Command: echo 'password' | sha1sum
Result: c8fed00eb2e87f1cee8e90ebbe870c190ac3848c

and if Courier/Postfix can authenticate against one of these hashes, which one would it use?

Finally if this isn't possible with Courier would it be with another IMAP server? Dovecot maybe? My only requirement is that it supports MailDir with quotas.

Thanks all
Neil

falko 3rd August 2006 15:46

Quote:

Originally Posted by neil6179
So my question is can I use a SHA1 or MD5 hash (preferably SHA1) to authenticate instead of using the MySQL ENCRYPT() function. That is to say in the tutorial the “password” field of the 'users' table will contain the SHA1/MD5 hash as opposed to the result of the ENCRYPT() function.

I really don't know if this can be done... I tried several days until I got this encryption working, so I don't know if you can use other encryption mechanisms...

reduzent 11th December 2009 13:28

Quote:

On a second question can anyone tell me why these two commands result in a different hash?

Command: echo '<?php print sha1("password")."\n"; ?>' | php
Result: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Command: echo 'password' | sha1sum
Result: c8fed00eb2e87f1cee8e90ebbe870c190ac3848c
You would need to do this as the second command:

Code:

echo -n 'password' | sha1sum
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Otherwise the 'echo'-command adds a trailing newline character.

R.


All times are GMT +2. The time now is 12:00.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.