Workaround for (some) Problems: Can´t login in Rainloop — CyberPanel - WebHosting Control Panel for OpenLiteSpeed
CyberLoader

Workaround for (some) Problems: Can´t login in Rainloop

After testing a lot (nearly 30 installations of CP on VM´s with Ubuntu 18 and 20 and Centos 7 and 8) I figured out a workaround for the Problem:

Cant login to rainloop.

Because the behaviour ONLY is on Ubuntu Installations I go a lit deeper and figured out:

Cyberpanel in last version (2.1.1) uses bcrypt to encrypt mail passwords to it´s own authentication tabel in database. All passwords starting with {crypt} in the database.

Unfortunally nor Ubuntu 18 or Ubuntu 20 supports bcrypt as authentication for the used dovecot implementation (2.2.x).

So it comes, that password is correct encrypted wit bcrypt to the database by CP GUI, but Rainloop can´t verify the given password, because rainloop is not able to encrypt the entered password with bcrypt.

So any given password will never work!

My workaround is simple: Manual updating to dovecot 2.3.x, because since this version dovecot has build in bcrypt libraries.

You can do it with the following steps:

1) Add the reposity key of dovecot to the rpm key store:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 18A348AEED409DA1

2) Add the official dovecot Ubuntu Repo to sources.list

(this example is for Ubuntu 18)

sudo nano /etc/apt/sources.list.d/dovecot.list

insert into:

deb [arch=amd64] https://repo.dovecot.org/ce-2.3-latest/ubuntu/bionic bionic main

Save it and close editor

3) Do a:

sudo apt update

4) Do a:

sudo apt dist-upgrade

5) Reboot your machine.

After this Your rainloop login should run like a charme.

At the end I would like to say: I´m shocked, that CP team do big changes to the system (encrypt passwords) without testing it on the supported platforms! If Ubuntu IS SUPPORTED, you should testrun such deeply changes against (new) installations. There are a lot of problems and a lot of reports in forum, but so few solutions for it :-(

I Like CP a lot - I hope you can insert dovecot 2.3. to your installation scripts for CP, so nobody will run again into the trouble. It costs me one week to figure it out...

Best regards,
Kai

Comments

  • Thank you for the research, in fact we earlier used

    insert into:

    deb [arch=amd64] https://repo.dovecot.org/ce-2.3-latest/ubuntu/bionic bionic main

    But now focal have its own dovecot package. Was you installing directly or using provider image?
  • I installed on clean / fresh Ubuntu 18 (and 20, and Centos 7 and Cent OS8) virtual root machine at german "DomainFactory" jiffy Box (cloud) with your install script:

    https://cyberpanel.net/docs/installing-cyberpanel/

    I was wondering why te CP GUI can encrypt password correct {CRYPT} and why dovecot can´t crypt the given password to do the check. but dovecot self writes about it on their Website:

    https://doc.dovecot.org/configuration_manual/authentication/password_schemes/

    In the first grey box you can read:

    Note

    v2.2: bcrypt is not available on most Linux distributions). Since v2.3.0 this is provided by dovecot.


    It´s not a problem with CentOS installations of CB, but with Ubuntu, because the install script installs Dovecot 2.2.x and not 2.3.x.

    After Update with the mentioned way, all works fine :-)
  • I've installed fresh on Ubuntu 20.04 and as expected I already got Dovecot 2.3.x

    My provide is DigitalOcean, see the output

    [email protected]:~# apt list --installed | grep postfix

    WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

    postfix-mysql/focal-updates,now 3.4.13-0ubuntu1 amd64 [installed]
    postfix/focal-updates,now 3.4.13-0ubuntu1 amd64 [installed]
    [email protected]:~# apt list --installed | grep dovecot

    WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

    dovecot-core/focal-updates,focal-security,now 1:2.3.7.2-1ubuntu3.3 amd64 [installed,automatic]
    dovecot-imapd/focal-updates,focal-security,now 1:2.3.7.2-1ubuntu3.3 amd64 [installed]
    dovecot-mysql/focal-updates,focal-security,now 1:2.3.7.2-1ubuntu3.3 amd64 [installed]
    dovecot-pop3d/focal-updates,focal-security,now 1:2.3.7.2-1ubuntu3.3 amd64 [installed]
  • Maybe it´s an issue with my provider. They try to force to use their own mirrors for repos. Maybe it´s not actual
  • I have been having this issue as well for the past few days. Bought a test VPS and was looking at the error logs when I found "Invalid password in passdb: crypt() failed: Invalid argument" in the mail logs. So I searched the web and after some research came to the conclusion that dovecot needs upgrade. Kais provided a nice way to update the packages. Many thanks to Kais.

    I also would like to confirm that I tested fresh installs on ubuntu 18.04 and 20.04 as well and had the same errors both times. Seems like I had a 2.2.x installed. I think its an issue with some if not most providers Of course leaving out the well known ones such as Linode, Google, and Digital Ocean as said by usmannasir.

    And I also had some issues with SSL setup as well, which was sorted by manually entering the SSL.

    After updating, my login issue is gone and now just need to update the spam score.
    I signed up just to leave this comment.
    Once again thanks a lot to Kais.
Sign In or Register to comment.
CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!