On Fri, 1 Apr 2016 15:07:34 +0200
arnaud gaboury <arnaud.gaboury(a)gmail.com> wrote:
Fedora 23
I built an email server with postfix+dovecot+postgresql.
When it comes to retrieve the user password, I have this error from
dovecot:
Unknown scheme BLF-CRYPT
In fact, my passwords are encrypted this way in my DB. After some
readings, it seems not all Linux distro have glibc built with
blowfish support.
the command
$ doveadmin pw -l
does not return in fact BLF-CRYPT in its enabled scheme.
I installed the bcrypt package, but nothing changes.
Is there a solution, or am I missing something?
I used to compile the glibc package to get a later glibc. When I
looked at the source code, there was nothing related to blowfish.
There is a crypt directory, and a crypt.c, but md5 and sha256 and
sha512 seemed to be the only supported schemes.
I looked at the
file /usr/share/doc/dovecot/wiki/Authentication.PasswordSchemes.txt
and it says that dovecot uses glibc crypt as its decoder.
So, I think the answer to your question is that there is no solution,
as far as making glibc crypt speak blowfish. You might be able to hack
dovecot to use bcrypt to decrypt the password instead of throwing the
error. That would mean compiling the src.rpm with a patch.