Support For Argon2 For Password Hashing
Is there any information on adding support for Argon2?
I have been working on my new mailserver and this came up in moving from the default MD5 hash to more ‘modern’ hashes like SHA256 and SHA512.
Then I was pointed to the work behind Argon2, and I see that it is moving through the IRTF cfrg workgroup:
draft-irtf-cfrg-argon2-04.txt
It is a ‘purpose built’ hash for passwords, with recommendations that new implementations use it. Of course can’t use it if crypt does not support it….
thanks
3 thoughts on - Support For Argon2 For Password Hashing
Am 13.02.2019 um 14:18 schrieb Robert Moskowitz:
Did you check the RHEL 8 beta?
Alexander
The version of libsodium in EPEL supports argon2
For php you can build the libsodium extension. Also php 7.2+ builds that extension if you specify it build time using –with-sodium=shared switch.
For dovecot you have to build it against sodium which means building your own packages but it works. At least with modern upstream dovecot.
I found that EPEL has argon2-20161029-2, but the dovecot 2.2.36 in C7
does not use it.
If I were to compile dovecot 2.3, it comes with argon2 built in.
I don’t want to get into the build business, I have other things demanding my time. It would be nice to have argon2, but my server is small, and sha512 is a lot better than md5.