encrypt password/string in MariaDB (mailserver purpose)

English Network/Internet
#1

I set up a mail server and the users info is in the database. And here starts my question I wanna encrypt the paswords that are in the database I’m using MariaDB I’ve red this https://mariadb.com/kb/en/aes_encrypt/ so like I’ve a database users I do

INSERT INTO users (pass) VALUES (AES_ENCRYPT('text',SHA2('password',512)));

but what about that value 'text does it matter somewhat? I mean when user logs in and types password would it matter?
And another question I’ve binded myql with postfix this way

/etc/postfix/mysql_mailbox.cf

lloks like that

 user=mail 
password=*mailPASSWORD* 
dbname=maildb 
table=users 
select_field=maildir 
where_field=id 
hosts=127.0.0.1 
additional_conditions = and enabled = 1

but I want multiple users so there’d be different values for different users in table : users ->field : pass but in that file /mailbox.cf there’s only one .
I know I can use yast ->network services-> mail server but there’s only option for one user i.e. I’ve set up the server manually and the changes will over yast will overwrite the files like /etc/postfix/main.cf I’ve virtual users…

#2

‘text’ : the passwords of your users
‘password’ : the key to encrypt/decrypt your users passwords

More reading:
http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html#function_aes-encrypt

Hendrik

#3

thanks so the ‘password’ (the encryption key as you said ) in that command belongs to field : password = mailPASSWORD in table users right?

#4

No. ‘text’ is the placeholder for whatever content you want to encrypt, here your “mailPASSWORD”.

In your example:

AES_ENCRYPT('mailPASSWORD',SHA2('crypt_key',512))

The application, that want’s to read/write your mailuser account’s passwords, has to provide the “crypt_key”.

Hendrik