2014-09-17 08:37:38 -05:00
< html >
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
2014-09-20 05:50:50 -05:00
< title > Password hashes< / title >
2014-09-17 08:37:38 -05:00
< link href = "../css/markdown.css" rel = "stylesheet" > < / head >
< / head >
< body >
2014-09-20 09:32:14 -05:00
< div id = "navigation" >
< a href = "http://www.iredmail.org" target = "_blank" > iRedMail web site< / a >
// < a href = "../index.html" > Document Index< / a >
< / div > < h1 id = "password-hashes" > Password hashes< / h1 >
2014-09-17 08:37:38 -05:00
< h2 id = "password-hashes-supported-by-iredmail" > Password hashes supported by iRedMail< / h2 >
< p > iRedMail configures Postfix to use Dovecot as SASL authenticate server, so all
password schemes supported by Dovecot can be used in iRedMail. Please refer to
Dovecot wiki page
< a href = "http://wiki2.dovecot.org/Authentication/PasswordSchemes" > < code > Password Schemes< / code > < / a > for more details.< / p >
< p > Below password schemes are supported in iRedAdmin-Pro (which means you can add new mail user with either one):< / p >
< ul >
< li > Plain text. e.g. < code > 123456< / code > < / li >
< li > MD5. (salted. e.g. < code > $1$GfHYI7OE$vlXqMZSyJOSPXAmbXHq250< / code > < / li >
< li > PLAIN-MD5 (unsalted MD5). e.g. < code > 0d2bf3c712402f428d48fed691850bfc< / code > < / li >
< li > SSHA. e.g. < code > {SSHA}OuCrqL2yWwQIu8a9uvyOQ5V/ZKfL7LJD< / code > < / li >
< li > SSHA512. e.g. < code > {SSHA512}FxgXDhBVYmTqoboW+ibyyzPv/wGG7y4VJtuHWrx+wfqrs/lIH2Qxn2eA0jygXtBhMvRi7GNFmL++6aAZ0kXpcy1fxag=< / code > < / li >
< / ul >
< p > < strong > NOTE< / strong > : Dovecot claims it supports SSHA512, but I didn't get it work.
Please test it first if you choose SSHA512.< / p >
< h2 id = "default-password-schemes-used-in-iredmail" > Default password schemes used in iRedMail< / h2 >
< ul >
< li > For MySQL and PostgreSQL backends: < code > MD5< / code > (salted).< / li >
< li > For LDAP backend: < code > SSHA< / code > .< / li >
< / ul >
< h2 id = "how-to-use-different-password-hashes-in-iredmail" > How to use different password hashes in iRedMail< / h2 >
< h3 id = "for-mysql-and-postgresql-backends" > For MySQL and PostgreSQL backends< / h3 >
< p > All mail users are stored in SQL table < code > vmail.mailbox< / code > , user password is stored
2014-09-20 05:55:33 -05:00
in SQL column < code > mailbox.password< / code > . For example:< / p >
< pre > < code > sql> UPDATE mailbox SET password='$1$GfHYI7OE$vlXqMZSyJOSPXAmbXHq250' WHERE username='xx@xx';
2014-09-18 01:10:35 -05:00
sql> UPDATE mailbox SET password='{SSHA}OuCrqL2yWwQIu8a9uvyOQ5V/ZKfL7LJD' WHERE username='xx@xx';
sql> UPDATE mailbox SET password='{SSHA512}FxgXDhBVYmTqoboW+ibyyzPv/wGG7y4VJtuHWrx+wfqrs/lIH2Qxn2eA0jygXtBhMvRi7GNFmL++6aAZ0kXpcy1fxag=' WHERE username='xx@xx';
2014-09-20 05:55:33 -05:00
< / code > < / pre >
2014-09-17 08:37:38 -05:00
< ul >
2014-09-20 05:55:33 -05:00
< li > To store PLAIN-MD5, you have to prepend < code > {PLAIN-MD5}< / code > in your password hash:< / li >
< / ul >
< pre > < code > sql> UPDATE mailbox SET password='{PLAIN-MD5}0d2bf3c712402f428d48fed691850bfc' WHERE username='xx@xx';
< / code > < / pre >
< ul >
< li > To store plain password, you have to prepend < code > {PLAIN}< / code > :
< code > sql> UPDATE mailbox SET password='{PLAIN}123456' WHERE username='xx@xx';< / code > < / li >
2014-09-17 08:37:38 -05:00
< / ul >
< h3 id = "for-ldap-backends" > For LDAP backends< / h3 >
< p > User password is stored in attribute < code > userPassword< / code > of user object.< / p >
< ul >
< li >
< p > To store plain password, SSHA, SSHA512 password hash, just store them in
original format. For example:
2014-09-20 05:55:33 -05:00
< code > userPassword: 123456
2014-09-17 08:37:38 -05:00
userPassword: {SSHA}OuCrqL2yWwQIu8a9uvyOQ5V/ZKfL7LJD
2014-09-20 05:55:33 -05:00
userPassword: {SSHA512}FxgXDhBVYmTqoboW+ibyyzPv/wGG7y4VJtuHWrx+wfqrs/lIH2Qxn2eA0jygXtBhMvRi7GNFmL++6aAZ0kXpcy1fxag=< / code > < / p >
2014-09-17 08:37:38 -05:00
< / li >
< li >
< p > To store standard MD5 password (salted MD5 hash), please prepend < code > {CRYPT}< / code >
(case insensitive) in your password hash. For example:
2014-09-20 05:55:33 -05:00
< code > userPassword: {CRYPT}$1$GfHYI7OE$vlXqMZSyJOSPXAmbXHq250< / code > < / p >
2014-09-17 08:37:38 -05:00
< / li >
< / ul >
< p > < strong > IMPORTANT NOTE< / strong > : If you want to input password hash with phpLDAPadmin,
please choose < code > clear< / code > in the password hash list, then input password hash.< / p > < / body > < / html >