Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
DOVEADM-PW(1)			    Dovecot			 DOVEADM-PW(1)

NAME
       doveadm-pw - Dovecot's password hash generator

SYNOPSIS
       doveadm [-Dv] pw	-l
       doveadm [-Dv] pw	[-p password] [-r rounds] [-s scheme] [-u user]	[-V]
       doveadm [-Dv] pw	-t hash	[-p password] [-u user]

DESCRIPTION
       doveadm	pw  is used to generate	password hashes	for different password
       schemes and optionally verify the generated hash.

       All generated password hashes  have  a  {scheme}	 prefix,  for  example
       {SHA512-CRYPT.HEX}.   All  passdbs  have	a default scheme for passwords
       stored without the {scheme} prefix.  The	default	scheme can be overrid-
       den by storing the password with	the scheme prefix.

OPTIONS
       Global doveadm(1) options:

       -D     Enables verbosity	and debug messages.

       -o setting=value
	      Overrides	 the  configuration  setting from /usr/local/etc/dove-
	      cot/dovecot.conf and from	the userdb with	the given  value.   In
	      order to override	multiple settings, the -o option may be	speci-
	      fied multiple times.

       -v     Enables verbosity, including progress counter.

       Command specific	options:

       -l     List all supported password schemes and exit successfully.
	      There are	up  to	three  optional	 password  schemes:  BLF-CRYPT
	      (Blowfish	 crypt),  SHA256-CRYPT and SHA512-CRYPT.  Their	avail-
	      ability depends on the system's currently	used libc.

       -p password
	      The plain	text password for which	the hash should	be  generated.
	      If  no  password	was given doveadm(1) will prompt interactively
	      for one.

       -r rounds
	      The password schemes  BLF-CRYPT,	SHA256-CRYPT and  SHA512-CRYPT
	      supports	a variable number of encryption	rounds.	 The following
	      table shows the minimum/maximum number of	encryption rounds  per
	      scheme.	When  the  -r option was omitted the default number of
	      encryption rounds	will be	applied.

	       Scheme	    | Minimum |	Maximum	  | Default
	      ----------------------------------------------
	       BLF-CRYPT    |	    4 |	       31 |	  5
	       SHA256-CRYPT |	 1000 |	999999999 |    5000
	       SHA512-CRYPT |	 1000 |	999999999 |    5000

       -s scheme
	      The password scheme which	should be used to generate the	hashed
	      password.	  By  default the CRAM-MD5 scheme will be used.	 It is
	      also possible to append an encoding suffix to the	scheme.	  Sup-
	      ported encoding suffixes are: .b64, .base64 and .hex.
	      See also http://wiki2.dovecot.org/Authentication/PasswordSchemes
	      for more details about password schemes.

       -t hash
	      Test if the given	password hash matches a	given plain text pass-
	      word.  You should	enclose	the password hash in single quotes, if
	      it contains one or more dollar signs ($).	 The plain text	 pass-
	      word  may	 be  passed using the -p option.  When no password was
	      specified, doveadm(1) will prompt	interactively for one.

       -u user
	      When the DIGEST-MD5 scheme is used, also the user	name  must  be
	      given,  because  the  user name is a part	of the generated hash.
	      For  more	 information  about  Digest-MD5	 please	  read	 also:
	      http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5

       -V     When  this  option  is given, the	hashed password	will be	inter-
	      nally verified.  The result of the verification  will  be	 shown
	      after the	hashed password, enclosed in parenthesis.

EXAMPLE
       The  first password hash	is a DIGEST-MD5	hash for jane.roe@example.com.
       The second password hash	is a CRAM-MD5 hash for john.doe@example.com.

       doveadm pw -s digest-md5	-u jane.roe@example.com
       Enter new password:
       Retype new password:
       {DIGEST-MD5}9b9dcb4466233a9307bbc33708dffda0
       doveadm pw
       Enter new password:
       Retype new password:
       {CRAM-MD5}913331d8782236a8ecba7764a63aa27b26437fd40ca878d887f11d81245c2c6b

REPORTING BUGS
       Report bugs, including doveconf -n output, to the Dovecot Mailing  List
       <dovecot@dovecot.org>.	Information  about reporting bugs is available
       at: http://dovecot.org/bugreport.html

SEE ALSO
       doveadm(1)

Dovecot	v2.3			  2015-06-05			 DOVEADM-PW(1)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLE | REPORTING BUGS | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=doveadm-pw&sektion=1&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help