[CentOS] Support for Argon2 for password hashing

Wed Feb 13 20:28:08 UTC 2019
Robert Moskowitz <rgm at htt-consult.com>

I found that EPEL has argon2-20161029-2, but the dovecot 2.2.36 in C7 
does not use it.

If I were to compile dovecot 2.3, it comes with argon2 built in.

I don't want to get into the build business, I have other things 
demanding my time.  It would be nice to have argon2, but my server is 
small, and sha512 is a lot better than md5.



On 2/13/19 1:57 PM, Alice Wonder wrote:
> The version of libsodium in EPEL supports argon2
>
> For php you can build the libsodium extension. Also php 7.2+ builds 
> that extension if you specify it build time using --with-sodium=shared 
> switch.
>
> For dovecot you have to build it against sodium which means building 
> your own packages but it works. At least with modern upstream dovecot.
>
> On 2/13/19 5:18 AM, Robert Moskowitz wrote:
>> Is there any information on adding support for Argon2?
>>
>> I have been working on my new mailserver and this came up in moving 
>> from the default MD5 hash to more 'modern' hashes like SHA256 and 
>> SHA512. Then I was pointed to the work behind Argon2, and I see that 
>> it is moving through the IRTF cfrg workgroup:
>>
>> draft-irtf-cfrg-argon2-04.txt
>>
>> It is a 'purpose built' hash for passwords, with recommendations that 
>> new implementations use it.  Of course can't use it if crypt does not 
>> support it....
>>
>> thanks
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos