This documentation is for Dovecot v1.x, see wiki2 for v2.x documentation.
Differences between revisions 22 and 34 (spanning 12 versions)
Revision 22 as of 2010-12-12 06:13:19
Size: 19879
Editor: static
Comment:
Revision 34 as of 2012-04-27 18:36:34
Size: 8100
Editor: bugeye
Comment: v2: doveadm pw
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
Revision 22 (the deleted side of this diff) differs from revision 34 (the added side, below) only in the following lines; the remaining text is identical:

  * Dovecot uses libc's {{{crypt()}}} function, which means that CRYPT is usually able to decrypt also MD5-CRYPT and possibly also other password schemes.
  * Only the first 8 characters of the password are used, the rest are ignored.

Dovecot contains a {{{dovecotpw}}} utility which can be used to easily generate passwords for a wanted scheme.

Revision 22 ends after the salt example; the "Other common hash sizes" list and the VBoxAdm paragraph were added in revision 34.

= Password Schemes =

Password scheme means the format in which the password is stored in [[PasswordDatabase|password databases]]. The most commonly used password schemes are:

 * '''PLAIN''': Password is in plaintext.
 * '''CRYPT''': Traditional DES-crypted password in {{{/etc/passwd}}} (e.g. "pass" = {{{vpvKh.SaNbR6s}}})
  * Dovecot uses libc's {{{crypt()}}} function, which means that CRYPT is usually able to recognize MD5-CRYPT and possibly also other password schemes. Please see the notes below regarding glibc's {{{crypt()}}} and SHA-256/512 support.
  * The traditional DES-crypt scheme only uses the first 8 characters of the password, the rest are ignored. Other schemes may have other password length limitations (if they limit the password length at all).
 * '''MD5-CRYPT''': MD5 based salted password hash nowadays commonly used in {{{/etc/shadow}}}. (e.g. "pass" = {{{$1$ozdpg0V0$0fb643pVsPtHVPX8mCZYW/}}})
  * '''MD5''': Alias for MD5-CRYPT. Dovecot versions earlier than v1.0.rc16 need to use this instead of MD5-CRYPT. This name is deprecated because MD5-CRYPT isn't an actual MD5 hash.
 * '''PLAIN-MD5''': An actual MD5 hash of the password. (e.g. "pass" = {{{1a1dc91c907325c69271ddf0c944bc72}}})

Password databases have a default password scheme:

 * [[AuthDatabase/SQL|SQL]]: See {{{default_pass_scheme}}} setting in {{{dovecot-sql.conf}}}
 * [[AuthDatabase/LDAP|LDAP]]: See {{{default_pass_scheme}}} setting in {{{dovecot-ldap.conf}}}
 * [[AuthDatabase/PasswdFile|PasswdFile]]: CRYPT is used by default, v1.1+ allows changing with {{{scheme}}} parameter in passdb args.
 * [[AuthDatabase/Passwd|Passwd]], [[PasswordDatabase/Shadow|Shadow]], [[AuthDatabase/VPopMail|VPopMail]]: CRYPT is used by default and can't be changed currently.
 * [[PasswordDatabase/PAM|PAM]], [[PasswordDatabase/BSDAuth|BSDAuth]], [[PasswordDatabase/CheckPassword|CheckPassword]]: Dovecot never even sees the password with these databases, so Dovecot has nothing to do with what password scheme is used.

The password scheme can be overridden for each password by prefixing it with {SCHEME}, for example: {{{{PLAIN}pass}}}.

Dovecot contains a utility which can be used to easily generate passwords for a wanted scheme: in Dovecot v1, {{{dovecotpw}}}; in Dovecot v2, {{{doveadm pw}}}.

== What scheme to use? ==
With most installations it doesn't really matter what scheme you're using. If you already have users with existing passwords, it's easiest to just keep using the same scheme. Otherwise just pick something strong enough, for example SSHA.

The main idea behind storing passwords in a non-plaintext scheme is that if an attacker gets access to your server, they can't simply collect all users' passwords and start using them. With stronger schemes it takes more time to crack the passwords.

== Non-plaintext authentication mechanisms ==
See [[Authentication/Mechanisms]] for explanation of auth mechanisms. Most installations use only plaintext mechanisms, so you can skip this section unless you know you want to use them.

The problem with non-plaintext auth mechanisms is that the password must be stored either in plaintext, or using a mechanism-specific scheme that's incompatible with all other non-plaintext mechanisms. For example, if you're going to use CRAM-MD5 authentication, the password needs to be stored in either the PLAIN or the CRAM-MD5 scheme. If you want to allow both CRAM-MD5 and DIGEST-MD5, the password must be stored in plaintext.

In the future it's possible that Dovecot could support multiple passwords in different schemes for a single user.
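The following is an added example (not Dovecot code, and not from the original wiki page) that shows why a challenge-response mechanism needs the plaintext password on the server side. CRAM-MD5 is HMAC-MD5 keyed with the user's password over a server-chosen challenge, so the server can only check the client's answer if it can run the same keyed computation; a stored SSHA or CRYPT digest gives it nothing to key with. The passdb dictionary is constructed for the example; the challenge, user name and password of {{{rfc2195_example()}}} are the worked exchange from RFC 2195 section 2.

```python
import base64
import hmac
import os
import time


def cram_md5_response(username, password, challenge):
    """Client side: HMAC-MD5 keyed with the plaintext password over the server challenge."""
    digest = hmac.new(password.encode("utf-8"), challenge, "md5").hexdigest()
    return "%s %s" % (username, digest)


def make_challenge(hostname="mail.example.org"):
    """Server side: a fresh, unpredictable challenge in the '<nonce.time@host>' shape used by RFC 2195."""
    nonce = int.from_bytes(os.urandom(8), "big")
    return ("<%d.%d@%s>" % (nonce, int(time.time()), hostname)).encode("ascii")


def cram_md5_verify(stored_plain_passwords, challenge, response):
    """Server side: recompute the HMAC from the stored plaintext password and compare.

    stored_plain_passwords maps user name -> plaintext password ({PLAIN} scheme).
    This is the point the section makes: the server must hold the password itself
    (or a CRAM-MD5-specific precomputation); an SSHA or CRYPT hash cannot answer."""
    try:
        username, digest = response.split(" ", 1)
    except ValueError:
        return False  # malformed client response
    password = stored_plain_passwords.get(username)
    if password is None:
        return False
    expected = hmac.new(password.encode("utf-8"), challenge, "md5").hexdigest()
    return hmac.compare_digest(expected, digest)


def rfc2195_example():
    """Run the worked exchange from RFC 2195 section 2 against a constructed passdb."""
    passdb = {"tim": "tanstaaftanstaaf"}  # constructed plaintext passdb for the example
    challenge = b"<1896.697170952@postoffice.reston.mci.net>"
    server_line = "+ " + base64.b64encode(challenge).decode()          # what the server sends
    response = cram_md5_response("tim", passdb["tim"], challenge)
    client_line = base64.b64encode(response.encode()).decode()         # what the client sends
    return server_line, client_line, response, cram_md5_verify(passdb, challenge, response)


if __name__ == "__main__":
    for line in rfc2195_example():
        print(line)
```

Storing the password in plaintext is the cost of the mechanism, which is why the text recommends a salted hash scheme and plaintext SASL mechanisms for most installations.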

== Supported schemes ==
'''PLAIN''', '''CRYPT''' and '''MD5-CRYPT''' schemes were explained above.

Non-plaintext mechanism specific schemes:

 * '''LANMAN''': DES-based encryption. Used sometimes with NTLM mechanism.
 * '''NTLM''': MD4 sum of the password stored in hex. Used with NTLM mechanism.
 * '''RPA''': Used with RPA mechanism.
 * '''CRAM-MD5''': Used with CRAM-MD5 mechanism (v1.0.rc16 and later, for older use HMAC-MD5)
  * '''HMAC-MD5''': Deprecated name for CRAM-MD5. The password isn't really in a standard HMAC-MD5 format.
 * '''DIGEST-MD5''': Used with [[Authentication/Mechanisms/DigestMD5|DIGEST-MD5 mechanism]]. The username is included in the hash, so it's not possible to use the hash for different usernames.

MD5 based schemes:

 * '''PLAIN-MD5''': MD5 sum of the password stored in hex.
 * '''LDAP-MD5''': MD5 sum of the password stored in base64.
 * '''SMD5''': Salted MD5 sum of the password stored in base64.

SHA based schemes (also see below for libc's SHA* support):

 * '''SHA''': SHA1 sum of the password stored in base64.
 * '''SSHA''': Salted SHA1 sum of the password stored in base64.
 * '''SHA256''': SHA256 sum of the password stored in base64. (v1.1 and later).
 * '''SSHA256''': Salted SHA256 sum of the password stored in base64. (v1.2 and later).
 * '''SHA512''': SHA512 sum of the password stored in base64. (v2.0 and later).
 * '''SSHA512''': Salted SHA512 sum of the password stored in base64. (v2.0 and later).

For some schemes (e.g. PLAIN-MD5, SHA) Dovecot is able to detect whether the password hash is base64 or hex encoded, so both can be used. In any case, {{{dovecotpw}}} generates the passwords using the default encoding mentioned above.

== SHA256 and SHA512 in libc ==
glibc v2.7+ supports SHA256 and SHA512 based password schemes. The passwords look like:

 * SHA256: $5$salt$data
 * SHA512: $6$salt$data

These passwords are completely different from what Dovecot generates. They use multiple rounds of SHA, so they're also safer against brute forcing (but also require more CPU from your server). You can use them simply by using the CRYPT scheme, assuming your libc can handle these kinds of passwords.

== Encoding ==
The base64 vs. hex encoding that is mentioned above is simply the default encoding that is used. You can override it for any scheme by adding a ".hex", ".b64" or ".base64" suffix. For example:

 * {{{{SSHA.b64}986H5cS9JcDYQeJd6wKaITMho4M9CrXM}}} contains the password encoded to base64 (just like {SSHA})
 * {{{{SSHA.HEX}3f5ca6203f8cdaa44d9160575c1ee1d77abcf59ca5f852d1}}} contains the password encoded to hex

This can be especially useful with plaintext passwords to encode characters that would otherwise be illegal. For example in passwd-file you couldn't use a ":" character in the password without encoding it to base64 or hex. For example: {{{{PLAIN}{\}:!"}}} is the same as {{{{PLAIN.b64}e1x9OiEiCg==}}}.

You can also specify the encoding with dovecotpw. For example: {{{dovecotpw -s plain.b64}}}

== Salting ==
For most of the salted password schemes (SMD5, SSHA*) the salt is stored after the password hash and its length can vary. When hashing the password, append the salt after the plaintext password, e.g.: SSHA256(pass, salt) = SHA256(pass + salt) + salt.

For example, with SSHA256 you know that the hash itself is 32 bytes (256 bits / 8 bits per byte). Everything after those 32 bytes is the salt. For example, if you have a password:

{{{
{SSHA256}SoR/78T5q0UPFng8UCXWQxOUKhzrJZlwfNtllAupAeUT+kQv
}}}
After base64 decoding it you'll see that its length is 36 bytes, so the first 32 bytes are the hash and the following 4 bytes are the salt:

 * length: {{{echo SoR/78T5q0UPFng8UCXWQxOUKhzrJZlwfNtllAupAeUT+kQv|base64 -d|wc -c}}} -> 36
 * hash: {{{echo SoR/78T5q0UPFng8UCXWQxOUKhzrJZlwfNtllAupAeUT+kQv|base64 -d|dd bs=1 count=32|hexdump -C}}} -> 4a 84 7f ef c4 f9 ab 45 0f 16 78 3c 50 25 d6 43 13 94 2a 1c eb 25 99 70 7c db 65 94 0b a9 01 e5
 * salt: {{{echo SoR/78T5q0UPFng8UCXWQxOUKhzrJZlwfNtllAupAeUT+kQv|base64 -d|dd bs=1 skip=32|hexdump -C}}} -> 13 fa 44 2f

Other common hash sizes are:

 * MD5: 16 bytes
 * SHA: 20 bytes
 * SHA256: 32 bytes
 * SHA512: 64 bytes
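The following is an added example (not Dovecot code, and not from the original wiki page) that puts the three preceding sections together: it parses the {{{{SCHEME}}}} / {{{{SCHEME.hex}}}} / {{{{SCHEME.b64}}}} prefix, decodes the data, splits the digest from the trailing salt using the hash sizes in the table above, and verifies or generates hashes as SCHEME(pass, salt) = H(pass + salt) + salt. The scheme table, the "try the default encoding, then the other one" autodetection, and the 4-byte default salt are this example's own assumptions, labelled as such in the code; Dovecot's real detection logic may differ. Note that the page's {{{{PLAIN.b64}e1x9OiEiCg==}}} decodes to the password followed by a newline (the usual result of piping {{{echo}}} without {{{-n}}} into an encoder), which the verifier treats as part of the password.

```python
import base64
import binascii
import hashlib
import hmac
import os
import re

# Scheme name -> (hashlib algorithm, salted?, default encoding).
# Digest sizes follow the page's table: MD5 16, SHA 20, SHA256 32, SHA512 64 bytes.
# Assumption: PLAIN-MD5 defaults to hex and every other scheme here to base64.
SCHEMES = {
    "PLAIN-MD5": ("md5", False, "hex"),
    "LDAP-MD5": ("md5", False, "b64"),
    "SMD5": ("md5", True, "b64"),
    "SHA": ("sha1", False, "b64"),
    "SSHA": ("sha1", True, "b64"),
    "SHA256": ("sha256", False, "b64"),
    "SSHA256": ("sha256", True, "b64"),
    "SHA512": ("sha512", False, "b64"),
    "SSHA512": ("sha512", True, "b64"),
}

_PREFIX = re.compile(r"^\{([A-Za-z0-9-]+)(?:\.([A-Za-z0-9]+))?\}(.*)$", re.S)


def parse_stored(stored):
    """Split '{SCHEME[.enc]}data' into (SCHEME, 'hex' | 'b64' | None, data)."""
    m = _PREFIX.match(stored)
    if not m:
        raise ValueError("missing {SCHEME} prefix")
    scheme, enc, data = m.group(1).upper(), m.group(2), m.group(3)
    if enc is not None:
        enc = {"hex": "hex", "b64": "b64", "base64": "b64"}.get(enc.lower())
        if enc is None:
            raise ValueError("unknown encoding suffix in " + stored)
    return scheme, enc, data


def _decode_candidates(data, enc, default):
    """Yield decodings to try: the forced suffix only, else the default then the other.
    Trying both is a simplified stand-in (assumption) for Dovecot's autodetection."""
    order = [enc] if enc else [default, "b64" if default == "hex" else "hex"]
    for e in order:
        try:
            if e == "hex":
                yield binascii.unhexlify(data)
            else:
                yield base64.b64decode(data, validate=True)
        except (binascii.Error, ValueError):
            continue


def split_hash_salt(stored):
    """Return (SCHEME, digest_bytes, salt_bytes); the salt is whatever follows the digest."""
    scheme, enc, data = parse_stored(stored)
    algo, salted, default = SCHEMES[scheme]
    size = hashlib.new(algo).digest_size
    for raw in _decode_candidates(data, enc, default):
        # An unsalted value must be exactly one digest long; a salted one must be longer.
        fits = len(raw) > size if salted else len(raw) == size
        if fits:
            return scheme, raw[:size], raw[size:]
    raise ValueError("cannot decode password data for " + scheme)


def make_hash(password, scheme, salt=None, enc=None):
    """Build '{SCHEME[.enc]}' + encode(H(pass + salt) + salt)."""
    algo, salted, default = SCHEMES[scheme]
    if salted and salt is None:
        salt = os.urandom(4)  # assumption: 4-byte random salt, like the page's SSHA256 example
    salt = salt if salted else b""
    raw = hashlib.new(algo, password.encode("utf-8") + salt).digest() + salt
    enc = enc or default
    encoded = binascii.hexlify(raw).decode() if enc == "hex" else base64.b64encode(raw).decode()
    prefix = "{%s}" % scheme if enc == default else "{%s.%s}" % (scheme, enc)
    return prefix + encoded


def verify(password, stored):
    """Constant-time check of a password against a {SCHEME}-prefixed stored value."""
    pw = password.encode("utf-8")
    scheme, enc, data = parse_stored(stored)
    if scheme == "PLAIN":
        # PLAIN.hex / PLAIN.b64 carry the password itself in that encoding.
        expected = next(_decode_candidates(data, enc, "b64"), None) if enc else data.encode("utf-8")
        return expected is not None and hmac.compare_digest(pw, expected)
    if scheme not in SCHEMES:
        raise ValueError("unsupported scheme " + scheme)
    _, digest, salt = split_hash_salt(stored)
    return hmac.compare_digest(hashlib.new(SCHEMES[scheme][0], pw + salt).digest(), digest)


if __name__ == "__main__":
    scheme, digest, salt = split_hash_salt("{SSHA256}SoR/78T5q0UPFng8UCXWQxOUKhzrJZlwfNtllAupAeUT+kQv")
    print(scheme, len(digest) + len(salt), digest.hex(), salt.hex())
```

Running the block on the page's SSHA256 example reproduces the 36-byte total, the 32-byte digest and the 4-byte salt {{{13fa442f}}} shown in the shell pipeline above; {{{make_hash}}} with a fixed salt lets you check an existing entry against a new one for the same password.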

The web management GUI [[http://developer.gauner.org/vboxadm/|VBoxAdm]] has some code dealing with the creation and verification of salted hashes in Perl. However, not all password schemes provided by dovecotpw are supported. Have a look at the module VBoxAdm::DovecotPW for more details.


None: Authentication/PasswordSchemes (last edited 2012-04-27 18:36:34 by bugeye)