converting password hashes
John-Mark Gurney
jmg at funkthat.com
Fri Nov 1 00:16:44 UTC 2019
Wojciech Puchar wrote this message on Tue, Oct 29, 2019 at 13:13 +0100:
> i want to convert accouts from one system where there was mail-only
> accounts using dovecot/postfix based system and SQL tables to my system,
> where accounts are real unix accounts - that do mail and other things.
>
> I don't know all people's plaintext passwords, and i don't need to and
> want to, but i want new accounts to work with the same passwords
>
> in SQL tables there are entries like this:
>
> $1$aab7638c$Cn7BA/oU4mzr0QltXzV7Z0
>
> and these works by simple cut and paste to /etc/master.passwd file
>
>
> but there are entries like:
>
> {PLAIN-MD5}c575f55800a549930b9063b43af04f47
>
> that doesn't
>
>
> is there a way to make it work without contacting over hundred people and
> telling them what new password they have?
There's two ways, one is to write a PAM module or extend crypt(3) to
support the plain md5 format from postgresql.
The other option is to do what is called on-line conversion. Ask all
the affected users to login using their existing password, and as part
of the process, you now have their original password, so you jsut
re-crypt them w/ a compatible format, and then store and use the new
format.
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the freebsd-hackers
mailing list