Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 2nd August 2006, 15:03
neil6179 neil6179 is offline
Junior Member
 
Join Date: Mar 2006
Posts: 19
Thanks: 0
Thanked 0 Times in 0 Posts
Question Courier/Postifx with SHA1/MD5

Hello all,

I've been looking around on the web for a solution to this but I can't find anywhere that gives me a straight answer.

I setup a mail system as per the Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV) tutorial with the slight alteration that I used Debian Testing. This means I am using Postfix 2.2 and Courier IMAP 4.1. Most settings are pretty much identical in all other respects.

So my question is can I use a SHA1 or MD5 hash (preferably SHA1) to authenticate instead of using the MySQL ENCRYPT() function. That is to say in the tutorial the “password” field of the 'users' table will contain the SHA1/MD5 hash as opposed to the result of the ENCRYPT() function.

As far as I can tell the only two components that use the password are the Courier authentication and the SMTP-AUTH part of Postfix.

So can this be done? If so, how would I go about it?

On a second question can anyone tell me why these two commands result in a different hash?

Command: echo '<?php print sha1("password")."\n"; ?>' | php
Result: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Command: echo 'password' | sha1sum
Result: c8fed00eb2e87f1cee8e90ebbe870c190ac3848c

and if Courier/Postfix can authenticate against one of these hashes, which one would it use?

Finally if this isn't possible with Courier would it be with another IMAP server? Dovecot maybe? My only requirement is that it supports MailDir with quotas.

Thanks all
Neil
Reply With Quote
Sponsored Links
  #2  
Old 3rd August 2006, 15:46
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Quote:
Originally Posted by neil6179
So my question is can I use a SHA1 or MD5 hash (preferably SHA1) to authenticate instead of using the MySQL ENCRYPT() function. That is to say in the tutorial the “password” field of the 'users' table will contain the SHA1/MD5 hash as opposed to the result of the ENCRYPT() function.
I really don't know if this can be done... I tried several days until I got this encryption working, so I don't know if you can use other encryption mechanisms...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 11th December 2009, 13:28
reduzent reduzent is offline
Junior Member
 
Join Date: Dec 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Quote:
On a second question can anyone tell me why these two commands result in a different hash?

Command: echo '<?php print sha1("password")."\n"; ?>' | php
Result: 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8

Command: echo 'password' | sha1sum
Result: c8fed00eb2e87f1cee8e90ebbe870c190ac3848c
You would need to do this as the second command:

Code:
echo -n 'password' | sha1sum
5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
Otherwise the 'echo'-command adds a trailing newline character.

R.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 14:39.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.