Hello,
I just installed ejabberd-15.07, configured it so that I'm using mysql db. I created a user, and it seems all the passwords get stored in plain text in the mysql db?
using:
- SL7.1
- Mariadb 5.5
I saw there was an option for hasing the user passwords if you are using internal authentication:
##auth_method: internal
## Store the plain passwords or hashed for SCRAM:
## auth_password_format: plain
##auth_password_format: scram
Is there a way to get the passwords hashed in the mysql db? In the documentation it doesn't mention it?
Yes, ejabberd_auth_odbc
Yes, ejabberd_auth_odbc supports SCRAM since 15.03. You can enable it using the same auth_password_format option as described for internal. And it isn't documented yet, I'll fix that.
Thanks!! I'll try it.
Thanks!! I'll try it.
Is there any more information
Is there any more information on that option? Because as soon as I activate that option:
auth_password_format: scram
My currently logged in user gets disconnected and when trying to login again I get failed with error: bad password, and every user I try to create already exists, even though they don't.
Even when cleaning out all my users, activating that option, restarten ejabberd, all the users I then try to create already exist. I'm probably missing something?