.\" Copyright (c) 2010-2013 Dovecot authors, see the included COPYING file .TH DOVEADM\-PW 1M "2013-08-17" "Dovecot v2.2" "Dovecot" .SH NAME doveadm pw \- Dovecot\'s password hash generator .\"------------------------------------------------------------------------ .SH SYNOPSIS .nh .na .HP \" ./global-options-short.inc \" ./master-options-short.inc \fBdoveadm pw\fR [\-D] [\-F\ \fIformatter\fR] [\-v] [\-c\ \fIfile\fR|\-i\ \fIinstance\fR] [\-k] [\-L] [\-O] [\-o\ \fIsetting\fB=\fIvalue\fR]... \-l .HP \" ./global-options-short.inc \" ./master-options-short.inc \fBdoveadm pw\fR [\-D] [\-F\ \fIformatter\fR] [\-v] [\-c\ \fIfile\fR|\-i\ \fIinstance\fR] [\-k] [\-L] [\-O] [\-o\ \fIsetting\fB=\fIvalue\fR]... [\-p\ \fIpassword\fR] [\-r\ \fIrounds\fR] [\-s\ \fIscheme\fR] [\u\ \fIuser\fR] [\-V] .HP \" ./global-options-short.inc \" ./master-options-short.inc \fBdoveadm pw\fR [\-D] [\-F\ \fIformatter\fR] [\-v] [\-c\ \fIfile\fR|\-i\ \fIinstance\fR] [\-k] [\-L] [\-O] [\-o\ \fIsetting\fB=\fIvalue\fR]... \-t \fIhash\fR [\-p\ \fIpassword\fR] .ad .hy .\"------------------------------------------------------------------------ .SH DESCRIPTION This command is used to generate password hashes for different password schemes and optionally verify the generated hash. .P All generated password hashes have a \fB{\fIscheme\fB}\fR prefix, for example \fB{SHA512\-CRYPT.HEX}\fR. All \fBpassdb\fRs have a default scheme for passwords stored without the \fB{\fIscheme\fB}\fR prefix. The default scheme can be overridden by storing the password with the scheme prefix. .P .\"------------------------------------------------------------------------ \" ./global-options.inc \" vim: ts=4 sw=4 filetype=nroff .TP .B \-D Enables verbosity and debug messages. .TP .BI \-F\ formatter Specifies the \fIformatter\fR for formatting the output. Supported formatters are: .RS .TP 2 .B flow Prints each line with .IB key = value pairs. .TP .B pager Prints each .IB key = value pair on its own line and separates records with form feed character (\fB^L\fR). .TP .B tab Prints a table header followed by tab separated value lines. .TP .B table Prints a table header followed by adjusted value lines. .RE .TP .B \-v Enables verbosity, including progress counter. \" ./master-options.inc \" vim: ts=4 sw=4 filetype=nroff .TP .BI \-c\ file Read configuration from the given \fIfile\fR. By default \fI/etc/dovecot/dovecot.conf\fR will be used. .TP .BI \-i\ instance Get the configuration from the instance with the name \fIinstance\fR. .TP .B \-k Keep environment, i.e. when executing a new process do not explicitly set the environment variables HOME, USER and when reading configurations, don\'t overwrite currently set environment variables with corresponding settings. Usually used internally, only. .TP .B \-L Log directly. .TP .B \-O Don\'t read settings, but use whatever is in the environment. .TP .BI \-o\ setting = value Overrides the \fIsetting\fR from the current configuration with the given \fIvalue\fR (can be specified multiple times). E.g. with \-o dsync_alt_char=c one is able to overwrite the character to use as an replacement for all invalid characters encountered within a mailbox name (per default \'\fB_\fR'). .P Command specific options: .\"------------------------------------- .TP .B \-l List all supported password schemes and exit. There are up to three optional password schemes: .BR BLF\-CRYPT " (Blowfish crypt)," .BR SHA256\-CRYPT\ and .BR SHA512\-CRYPT . Their availability depends on the operating system. .\"------------------------------------- .TP .BI \-p\ password The plain text .I password for which the hash should be generated. If not given .BR doveadm (1M) will prompt interactively for one. .\"------------------------------------- .TP .BI \-r\ rounds The number of encryption rounds to apply to the supplied password. The password schemes .BR BLF\-CRYPT , .BR SHA256\-CRYPT\ and .B SHA512\-CRYPT supports a variable number of encryption rounds . The following table shows the minimum/maximum number of encryption rounds per scheme. When the .B \-r option was omitted the default number of encryption rounds will be applied. .\" .nf Scheme | Minimum | Maximum | Default ---------------------------------------------- BLF\-CRYPT | 4 | 31 | 5 SHA256\-CRYPT | 1000 | 999999999 | 5000 SHA512\-CRYPT | 1000 | 999999999 | 5000 .fi .\"------------------------------------- .TP .BI \-s\ scheme The name of the password scheme to use to generate the hashed password. By default \fBCRAM\-MD5\fR will be used. It is also possible to append an encoding suffix to the scheme name. Supported encoding suffixes are: \fB.b64\fR, \fB.base64\fR and \fB.hex\fR. For more details about password schemes see http://wiki2.dovecot.org/Authentication/PasswordSchemes .\"------------------------------------- .TP .BI \-t\ hash The hash to test against a supplied password. .\"------------------------------------- .TP .BI \-u\ user When the .B DIGEST\-MD5 scheme is used, also the .I user name must be given, because the user name is a part of the generated hash. For more information about Digest\-MD5 please read also: http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5 .\"------------------------------------- .TP .B \-V When this option is given, the hashed password will be internally verified. The result of the verification will be shown after the hashed password, enclosed in parenthesis. .\"------------------------------------------------------------------------ .SH EXAMPLES Generate a DIGEST\-MD5 password hash for jane.roe@example.com: .RS 3 .nf .B doveadm pw \-s digest\-md5 \-u jane.roe@example.com Enter new password: Retype new password: {DIGEST\-MD5}9b9dcb4466233a9307bbc33708dffda0 .fi .RE .P Generate a CRAM\-MD5 password hash for john.doe@example.com: .RS 3 .nf .B doveadm pw Enter new password: Retype new password: {CRAM\-MD5}913331d8782236a8ecba7764a63aa27b26437fd40ca878d887f11d81245c2c6b .fi .RE .\"------------------------------------------------------------------------ .SH SEE ALSO .BR doveadm (1M) .\"------------------------------------------------------------------------ \" ./reporting-bugs.inc .SH REPORTING BUGS Report bugs, including \fBdoveconf \-n\fR output, to the dovecot Mailing List . Information about reporting bugs is available at: http://dovecot.org/bugreport.html