Copying old md5crypt passwords to new installation (Ubuntu 20.04)

Discussion in 'General' started by gring, Nov 10, 2020.

  1. gring

    gring Member HowtoForge Supporter

    Hello!
    I'm trying to copy passwords from an older server, that used md5crypt/salted passwords (they start with "$1$"), to a newer server (running Ubuntu 20.04).
    It doesn't work (I tried it first on a user ispconfig client account).
    I understand the new passwords are encrypted by using SHA512 ($6$), but I hoped it would accept md5 passwords.

    (I checked that php supports CRYPT_MD5, but I guess passwords, like for ftp accounts, aren't all checked through php?)
    What should I know / where should I look?

    Thanks.
     
  2. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    I believe they should work, I know mail accounts can use various hash methods. I'll check some clients later to verify.
     
  3. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    Confirmed, on our oldest server, most of the clients have a $1$ password hash, only some of the newer ones have a $6$rounds=5000$ hash, and they all work fine.
     
  4. gring

    gring Member HowtoForge Supporter

    Thank you for your answer!

    It's indeed not an md5 problem.

    If I set a password through ispconfig, it works.
    If I use the php crypt function, with the same salt, it outputs the same hash result (though truncated, but it works).
    If I use a different salt with the same password, it generates another result, but it works.
    If I try to use php crypt with any other password, with the same or a different salt, it won't work.
     
  5. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    Are you inserting directly into the database, or using the remote api?
     
  6. gring

    gring Member HowtoForge Supporter

    I tried it directly in the database.

    Is there documentation for the api? I can't find it. Thanks!
     
  7. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    That should work fine if you are updating the password of an existing record. If you're adding users you should use the api.

    It's included in the ispconfig sources, there is some html documentation for function calls and many client examples. I forget the specific directory name, remote_client or similar.
     
  8. gring

    gring Member HowtoForge Supporter

    Thank you for your help!
    I still don't understand why I have this behavior (I only updated passwords for users created by ispconfig), but knowing it should work is already a lot of help (I know I'm on the right track).
    When I find out what's happening, I'll write it here.
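
The thread mentions `$1$` and `$6$rounds=5000$` hashes and a crypt result that looked truncated; the following is an added example, not part of the thread or of ISPConfig, that checks the structure of a hash string before it is written to a database. It assumes glibc-style crypt(3) strings; `check_crypt_hash` and `SAMPLES` are hypothetical names, and the sample values are constructed.

```python
import re

# scheme id -> (name, max salt length, digest length in characters)
SCHEMES = {"1": ("md5crypt", 8, 22),
           "5": ("sha256crypt", 16, 43),
           "6": ("sha512crypt", 16, 86)}
DIGEST_CHARS = re.compile(r"[./0-9A-Za-z]*")

def check_crypt_hash(value):
    """Return (ok, detail) for a $id$[rounds=N$]salt$digest string."""
    if value != value.strip():
        return False, "leading or trailing whitespace"
    parts = value.split("$")
    if len(parts) < 4 or parts[0] != "":
        return False, "not in $id$salt$digest form"
    if parts[1] not in SCHEMES:
        return False, "unknown scheme id %r" % parts[1]
    name, max_salt, digest_len = SCHEMES[parts[1]]
    rest = parts[2:]
    # Only the SHA-based schemes take an optional rounds=N field.
    if parts[1] != "1" and rest[0].startswith("rounds="):
        if not rest[0][7:].isdigit():
            return False, "bad rounds field"
        rest = rest[1:]
    if len(rest) != 2:
        return False, "wrong number of $-separated fields"
    salt, digest = rest
    if len(salt) > max_salt:
        return False, "salt longer than %d characters" % max_salt
    if not DIGEST_CHARS.fullmatch(digest):
        return False, "digest has characters outside ./0-9A-Za-z"
    if len(digest) != digest_len:
        return False, "%s digest is %d characters, expected %d" % (
            name, len(digest), digest_len)
    return True, name

# Constructed sample values, not real password hashes.
SAMPLES = [
    "$1$abcdefgh$" + "x" * 22,
    "$6$rounds=5000$abcdefghijklmnop$" + "x" * 86,
    ("$6$abcdefghijklmnop$" + "x" * 86)[:64],  # as if cut by a 64-char column
    "$1$abcdefgh$" + "x" * 22 + "\n",          # stray newline from a copy
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample[:20]), check_crypt_hash(sample))
```

A value that fails this check cannot verify against any password, so it is worth running on the exact string read back from the database rather than on the string that was generated.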
     
