I'm trying to make this work, and it half works. Accounts with password hashes matching the old crypt(3) algorithm work just fine:
JUpfW/w6jo6aw
But accounts with longer password hashes preceded by $1$, such as the following, do not work:
$1$iIcbppdP$HDyjJeVMGgJ.ovLsnjtTR.
$1$SjC4EQzq$y8iVMbr5p.t83Jk5LHSWi0
The thing is, if I change a password on the new Debian system, it still uses the $1$... format (MD5 I think?) so apparently the old BSD system is using an older/different MD5 hashing algorithm.
Anyone know how I might make this work or if I might be doing something else wrong?
---------- Post updated at 02:21 PM ---------- Previous update was at 01:18 PM ----------
ok, things get stranger. I made a test account that transfers just fine using the md5 hash, but the one particular account (which happens to be the most important) doesn't work. I guess if it's the only one I can just do a passwd command for this one account
---------- Post updated at 04:45 PM ---------- Previous update was at 02:21 PM ----------
Ok, I don't think the problem is the md5 compatibility. I think it's something more subtle. I recall, when reading about PAM, that for security reasons, even if it's not the password stopping the login, the system may tell the user their password is bad.
So far I've noticed that people with the old crypt hash can log in to webmail no matter what. Unfortunately, I didn't test any shell logins for these users until I had changed all shells to /bin/bash
People with the MD5 hash apparently could not login to webmail unless the shell existed (Debian only has bash, and two links to bash from rbash and sh). I need to do a little more testing, but changing all shells to bash seems to have allowed all users to login now. No failures so far anyway.