Hello! I'm in the process of migrating a complete system (web, email, DNS etc) to a new ISPConfig3 server. I could migrate emails but can not migrate FTP users. Both kinds of users have MD5 passwords, I could modifies the files according to this: /usr/local/ispconfig/interface/web/mailuser/form/mail_user_password.tform.php From: 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', 'encryption' => 'CRYPT', 'default' => '', 'value' => '', 'width' => '30', 'maxlength' => '255' ), To: 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', 'encryption' => 'CRAM-MD5', 'default' => '', 'value' => '', 'width' => '30', 'maxlength' => '255' ), This file /usr/local/ispconfig/interface/web/mail/form/mail_user.tform.php From: 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', 'encryption'=> 'CRYPT', 'default' => '', 'value' => '', 'width' => '30', 'maxlength' => '255' ), To: 'password' => array ( 'datatype' => 'VARCHAR', 'formtype' => 'PASSWORD', 'encryption'=> 'CRAM-MD5', 'default' => '', 'value' => '', 'width' => '30', 'maxlength' => '255' ), this file /usr/local/ispconfig/interface/lib/classes/tform.inc.php From: // go trough all fields of the tab if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { // Wenn es kein leeres Passwortfeld ist if (!($field['formtype'] == 'PASSWORD' and $record[$key] == '')) { // Erzeuge Insert oder Update Quelltext if($action == "INSERT") { if($field['formtype'] == 'PASSWORD') { $sql_insert_key .= "`$key`, "; if($field['encryption'] == 'CRYPT') { $record[$key] = $app->auth->crypt_password(stripslashes($record[$key])); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } elseif ($field['encryption'] == 'MYSQL') { $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`"); $record[$key] = $tmp['crypted']; $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } elseif ($field['encryption'] == 'CLEARTEXT') { $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } else { $record[$key] = md5(stripslashes($record[$key])); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } } elseif ($field['formtype'] == 'CHECKBOX') { $sql_insert_key .= "`$key`, "; if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value $sql_insert_val .= "'".$field['value'][0]."', "; $record[$key] = $field['value'][0]; } else { $sql_insert_val .= "'".$record[$key]."', "; } } else { $sql_insert_key .= "`$key`, "; $sql_insert_val .= "'".$record[$key]."', "; } } else { if($field['formtype'] == 'PASSWORD') { if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') { $record[$key] = $app->auth->crypt_password(stripslashes($record[$key])); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') { $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`"); $record[$key] = $tmp['crypted']; $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') { $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } else { $record[$key] = md5(stripslashes($record[$key])); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } } elseif ($field['formtype'] == 'CHECKBOX') { if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value $sql_update .= "`$key` = '".$field['value'][0]."', "; $record[$key] = $field['value'][0]; } else { $sql_update .= "`$key` = '".$record[$key]."', "; } } else { $sql_update .= "`$key` = '".$record[$key]."', "; } } } else { // we unset the password filed, if empty to tell the datalog function // that the password has not been changed unset($record[$key]); } } } To: // go trough all fields of the tab if(is_array($record)) { foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) { // Wenn es kein leeres Passwortfeld ist if (!($field['formtype'] == 'PASSWORD' and $record[$key] == '')) { // Erzeuge Insert oder Update Quelltext if($action == "INSERT") { if($field['formtype'] == 'PASSWORD') { $sql_insert_key .= "`$key`, "; if($field['encryption'] == 'CRYPT') { $record[$key] = $app->auth->crypt_password(stripslashes($record[$key])); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } elseif($field['encryption'] == 'CRAM-MD5') { $record[$key] = $app->auth->crammd5_password(stripslashes($record[$key])); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } elseif ($field['encryption'] == 'MYSQL') { $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`"); $record[$key] = $tmp['crypted']; $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } elseif ($field['encryption'] == 'CLEARTEXT') { $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } else { $record[$key] = md5(stripslashes($record[$key])); $sql_insert_val .= "'".$app->db->quote($record[$key])."', "; } } elseif ($field['formtype'] == 'CHECKBOX') { $sql_insert_key .= "`$key`, "; if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value $sql_insert_val .= "'".$field['value'][0]."', "; $record[$key] = $field['value'][0]; } else { $sql_insert_val .= "'".$record[$key]."', "; } } else { $sql_insert_key .= "`$key`, "; $sql_insert_val .= "'".$record[$key]."', "; } } else { if($field['formtype'] == 'PASSWORD') { if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') { $record[$key] = $app->auth->crypt_password(stripslashes($record[$key])); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } elseif($field['encryption'] == 'CRAM-MD5') { $record[$key] = $app->auth->crammd5_password(stripslashes($record[$key])); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') { $tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`"); $record[$key] = $tmp['crypted']; $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') { $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } else { $record[$key] = md5(stripslashes($record[$key])); $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', "; } } elseif ($field['formtype'] == 'CHECKBOX') { if($record[$key] == '') { // if a checkbox is not set, we set it to the unchecked value $sql_update .= "`$key` = '".$field['value'][0]."', "; $record[$key] = $field['value'][0]; } else { $sql_update .= "`$key` = '".$record[$key]."', "; } } else { $sql_update .= "`$key` = '".$record[$key]."', "; } } } else { // we unset the password filed, if empty to tell the datalog function // that the password has not been changed unset($record[$key]); } } } and this file /usr/local/ispconfig/interface/lib/classes/auth.inc.php I added: public function crammd5_password($cleartext_password) { $crypted_password = rtrim(shell_exec(escapeshellcmd("/usr/bin/doveadm pw -s CRAM-MD5 -p $cleartext_password"))); return str_replace("{CRAM-MD5}","",$crypted_password); } I used PLAIN-MD5 instead of CRAM-MD5. According to my understanding those files are responsible for passwords. I also changed Pure-FTPd config to use MD5. Now if I add a new FTP user its password starts with $1$ sting and I'm unable to login with it... Could you please help me to solve this?
ISPConfig uses crypt-md5 and not cram-md5. Crypt-md5 is the Linux starndard that is e.g. used in /etc/passwd.
Hello Till, Yes, that's clear. I was just demostrating what I changed. What I would like to achieve is be able to import existing FTP users and passwords to the new server which has ISPConfig3 installed. I believe that /usr/local/ispconfig/interface/lib/classes/tform.inc.php file is responsible for users and their passwords. I would like to know what to change and how to be able to import them. I already setup PureFTPd config to use MD5 instead of Crypt.
