List Info

Thread: Re: sendmail auth and password types
Re: sendmail auth and password types
country flaguser name
United States		 2007-07-11 11:17:59 
Ah, right - ok, so either you need plaintext in DBMail and
Sendmail will
retrieve the raw password and hash it as necessary in order
to compare
it with the hashes received from the client, or you need to
restrict
Sendmail down to a single hash mechanism that matched
exactly with the
hashed passwords in DBMail. Remember that password hashed
are one-way --
if the database contains a hash, and the client sends some
other hash,
there's no way to convert between them in order to
authenticate.

Aaron

On Wed, 2007-07-11 at 10:41 -0500, Stephen Loeckle wrote:
> Oh BTW, these are the types supported by my sendmail
install
> 
> 250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
> 
> define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5
LOGIN PLAIN')
> TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
> 
> Stephen
> 
> 
> Quoting Stephen Loeckle <sloecklelucidnetworks.net>:
> 
> > None of them worked. plaintext is the only one
that works. Any ideas?
> >
> > Thanks,
> >
> > Stephen
> >
> > Quoting Aaron Stone <aaronserendipity.cx>:
> >
> >> On Tue, 2007-07-10 at 00:50 -0500, Stephen
Loeckle wrote:
> >>
> >>> This may be more of a sendmail issue but
it's odd nonetheless. I have
> >>> the sendmail auth to dbmail users table as
per:
> >>>
> >>> http://www.dbmail.org/dokuwiki/doku.php?id=sendmail_how
to
> >>>
> >>> It works fine but only when the passwd is
in plaintext. I cannot get
> >>> the user to auth to sendmail if the passwd
is in md5 and
> >>> encryption_type is md5.
> >>>
> >>> Anyone run into this?
> >>
> >> We have a couple of md5 options: md5-hash,
md5-digest, md5-base64. Have
> >> you tried them all to see if one matches
sendmail's expected lookup
> >> format?
> >>
> >> Aaron
> >>
> >>
_______________________________________________
> >> DBmail mailing list
> >> DBmaildbmail.org
> >> htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
> >>
> >
> >
> > _______________________________________________
> > DBmail mailing list
> > DBmaildbmail.org
> > htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
> 
> 
> _______________________________________________
> DBmail mailing list
> DBmaildbmail.org
> htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail

_______________________________________________
DBmail mailing list
DBmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
Re: sendmail auth and password types
country flaguser name
United States		 2007-07-11 12:58:06 
ooooook I understand now  I was
thinking that the client could send  
plaintext and i could have the password encrypted in the
database. The  
reason I was trying this to begin with was a little script I
wrote to  
convert a passwd/shadow file into dbmail users for a server
conversion  
so I wouldn't have to know the user's passwords. I guess
I'll need to  
know these passwords because I'm not willing to brute force
the md5  
shadow salts.

Thanks!

Stephen

Quoting Aaron Stone <aaronserendipity.cx>:

> Ah, right - ok, so either you need plaintext in DBMail
and Sendmail will
> retrieve the raw password and hash it as necessary in
order to compare
> it with the hashes received from the client, or you
need to restrict
> Sendmail down to a single hash mechanism that matched
exactly with the
> hashed passwords in DBMail. Remember that password
hashed are one-way --
> if the database contains a hash, and the client sends
some other hash,
> there's no way to convert between them in order to
authenticate.
>
> Aaron
>
> On Wed, 2007-07-11 at 10:41 -0500, Stephen Loeckle
wrote:
>> Oh BTW, these are the types supported by my
sendmail install
>>
>> 250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
>>
>> define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5
LOGIN PLAIN')
>> TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
>>
>> Stephen
>>
>>
>> Quoting Stephen Loeckle <sloecklelucidnetworks.net>:
>>
>> > None of them worked. plaintext is the only one
that works. Any ideas?
>> >
>> > Thanks,
>> >
>> > Stephen
>> >
>> > Quoting Aaron Stone <aaronserendipity.cx>:
>> >
>> >> On Tue, 2007-07-10 at 00:50 -0500, Stephen
Loeckle wrote:
>> >>
>> >>> This may be more of a sendmail issue
but it's odd nonetheless. I have
>> >>> the sendmail auth to dbmail users
table as per:
>> >>>
>> >>> http://www.dbmail.org/dokuwiki/doku.php?id=sendmail_how
to
>> >>>
>> >>> It works fine but only when the passwd
is in plaintext. I cannot get
>> >>> the user to auth to sendmail if the
passwd is in md5 and
>> >>> encryption_type is md5.
>> >>>
>> >>> Anyone run into this?
>> >>
>> >> We have a couple of md5 options: md5-hash,
md5-digest, md5-base64. Have
>> >> you tried them all to see if one matches
sendmail's expected lookup
>> >> format?
>> >>
>> >> Aaron
>> >>
>> >>
_______________________________________________
>> >> DBmail mailing list
>> >> DBmaildbmail.org
>> >> htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>> >>
>> >
>> >
>> >
_______________________________________________
>> > DBmail mailing list
>> > DBmaildbmail.org
>> > htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>>
>>
>> _______________________________________________
>> DBmail mailing list
>> DBmaildbmail.org
>> htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>
> _______________________________________________
> DBmail mailing list
> DBmaildbmail.org
> htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>


_______________________________________________
DBmail mailing list
DBmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
[1-2]

about | contact  Other archives ( Real Estate discussion Medical topics )