-
Notifications
You must be signed in to change notification settings - Fork 277
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
v3.2.4: setup_password encryption - linux command #538
Comments
older variants of Postfixadmin ( e.g. 3.2.4 ) use sha1 ... specifically :
see also https://github.com/postfixadmin/postfixadmin/blob/postfixadmin_3.2/public/setup.php#L445 |
Hi @DavidGoodwin, I used the following linux commands for a test environment to generate the linux commands$ POSTFIXADMIN_SETUP_PASSWORD=mySecretPassword123!
$ SALT=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 48 ; echo '')
$ HASHED_PASSWORD=$(echo "${SALT}:${POSTFIXADMIN_SETUP_PASSWORD}" | sha1sum | cut -d " " --fields=1)
$ POSTFIXADMIN_SETUP_PASSWORD="${SALT}:${HASHED_PASSWORD}"
$ echo $POSTFIXADMIN_SETUP_PASSWORD
PUn0er242KapVSe9SXSoXmlgmCk2Ehu1nREcB09BPJBEECaq:dc3cfc0b2cee2037afda894496f99173b95b732e errorconfig.local.php<?php
$CONF['configured'] = true;
$CONF['encrypt'] = 'sha512.b64';
$CONF['fetchmail'] = 'YES';
$CONF['setup_password'] = 'PUn0er242KapVSe9SXSoXmlgmCk2Ehu1nREcB09BPJBEECaq:dc3cfc0b2cee2037afda894496f99173b95b732e';
...
?> |
the salt is a sha1 value ... and i think that's always lower cased and hexadecimal (presumably) so couldn't contain letters like P |
Sorry, I should have been a bit more explicit about how the old setup_password was constructed .... it's the equivalent of :
e.g.
And verification was a case of doing :
see also : Line 444 in 23f4b51
|
Hello all,
I found out that
$CONF['setup_password']
contains a bcrypt hash, when the user generate thesetup_password
via the GUI in the current version. How is the hash for the password generated in version3.2.4
?I am looking for the appropriate linux command:
Volker
The text was updated successfully, but these errors were encountered: