How can I change the encryption password method of ISPConfig?

Discussion in 'Installation/Configuration' started by voltron81, Nov 4, 2009.

  1. voltron81

    voltron81 New Member

    Hi to everybody,

    I'm migrating an old mail server (based on webmin) to the new one(based on ISPConfig 3).
    For the migration I've just created in ISPConfig the domains and the emails, and after I've copied /var/vmail from the old server to the new one.

    I can read the old mail and it's ok.

    The only problem that I have is for the email's password.
    Basically webmin is using as encrytion the mysql way: ENCRYPT('password'), but ISPConfig is using another method, the CRYPT-MD5.
    Now, I know how to create an ISPConfig password from a non-crypted password, because I created this php script:
    $password = crypt('password' , '$1$[email protected]$');
    print $password . " is the CRYPT-MD5 version of my old password<br>";
    and it's working perfectly.
    The point is I haven't the non-encrypt passwords, but they are encrypted.
    So the only way that I can see to complete the migration is changing the encryption policy of ISPConfig from CRYPT-MD5 to ENCRYPT.

    Is it possible to do?

    Do you know how to do it?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The encrypt function of mysql uses also the linux crypt call:

    it just looks as if it does not format the string correctly with the salt or does not use a salt.

    Changing the encryption method in ispconfig is a bad idea as you might have to change the config of several daemons for smtp, pop3, imap, ftp and also you would not be able to install any future updates after your changes.
  3. voltron81

    voltron81 New Member

    Hi Till,
    I know that is not the best idea, but I can not see any other option to use the old accounts...

    Anyway I tried to edit the file: /var/www/ispconfig/mail/form/mail_user.tform.php changing this:
    'password' => array (
                            'datatype'      => 'VARCHAR',
                            'formtype'      => 'PASSWORD',
                            'encryption'=> 'CRYPT',
    to this:
    'password' => array (
                            'datatype'      => 'VARCHAR',
                            'formtype'      => 'PASSWORD',
                            'encryption'=> 'ENCRYPT',
    and now, if I update manually in the database the value of the password (encrypted), I can enter in that email.
    The problem is that, if I edit the password of that email in ISPConfig (or if I create a new email with ISPConfig), the new password is encrypted in a very strange way (like 8a94bdfc825df46f880854f41fee346b instead of 00tYo7GsNhKNQ). It's look like ISPConfig is now encrypting in MD5.

    Any idea to fix it?
  4. voltron81

    voltron81 New Member

    Maybe I've find how to do.
    I've just discover that, without change nothing in ISPConfig, if I just update the value of the passwords with the passwords of the old server (encrypted), I'm able to check the email with roundcube without problem.
    If when I need to change a password, I'll do it with ISPConfig and it will be encrypted in CRYPT MD5...

    Now I've just to check if in this way it's working with POP3/IMAP...
    Stay tuned...:rolleyes:
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Not strange at all, its the default way of linux password encryption on all modern linux distributions.
  6. voltron81

    voltron81 New Member

    It's look like working also with POP3 and IMAP.

    So basically I solved it just updating the old passwords in the dbispconfig...
    I didn't expect that it was so easy... :)

    Thanks Till


Share This Page