Re: Pop mail virtual user security [LONG]
Ugh, forgot to send this to the list:
On Sun, 08/12/2002 07:04 -0500, Christopher W. Curtis wrote:
> On 12/07/02 17:43, Tim van Erven wrote:
>> On Sat, Dec 07, 2002 at 04:39:54PM -0500, "Christopher W. Curtis"
>> <firstname.lastname@example.org> wrote:
>>> On 12/07/02 12:54, Tim van Erven wrote:
>>>> 2) How are the passwordhashes in /etc/shadow generated from the
>>>> salt+password? I can't use 'passwd' to update popa3d's auth files, so
>>>> I need to generate them some other way.
>>> Solid-pop3d (CVS only for VHosting) comes with spadm for this, but if
>>> you're using standard /etc/shadow type crypt() entries, use htpasswd.
>> I can't find spadm in the solid-pop3d source. Are you sure it's there?
> Sorry ... I did all that at my former job. ;-) I should've said spdbm.
> But this will not do Linux crypt() things, it does BSD $1$xxxxx things.
> Really - htpasswd (from Apache) does what you want.
Sorry, I neglected to mention I want to use MD5 'BSD $1$xxxxx things'. I
found spdbm in solid-pop3d-0.16d (a prerelease) now, but it's somewhat
awkward to compile independantly from the rest of the source. I'll
probably try to audit chpwdfile and go with that next time I have
some time to spare.
Tim van Erven <email@example.com>
OpenPGP Key ID: 712CB811 Fingerprint: F6C9 61EE 242C C012 36D5
BBF8 6310 D557 712C B811