copy mysql user password ? (sqlu_pass)

[Eminos]

Hi,

I recreated/copied some databases and recreated their users on a new ispcp server. I would now like to copy the passwords from the sql_user table, but it doesn't seem to work.

If I change the password in the control panel (ispCP) it works (of course), but I would like to copy the passwords in phpmyadmin from the old sql_user to the new one on the new server.

If I set THE SAME password via ispCP control panel, it doesn't generate the same output in the sql_user table on the old and the new server.

Could someone explain?
Why doesn't this seem to work?

Thanks in advance..

/E

---

Oh yes, and the old ispCP is 1.0.0 and the new one is 1.0.3-1.
Has the sqlu_pass crypt hash changed ?

[kilburn]

(02-07-2010 12:54 AM)Eminos Wrote:  Oh yes, and the old ispCP is 1.0.0 and the new one is 1.0.3-1.
Has the sqlu_pass crypt hash changed ?

No, what's different is the encryption key used by your servers. These keys are generated during the installation, so to export passwords from one server to another you have to either:

- Decrypt the passwords first (using the key from "server1") and re-encrypt them afterwards (using the key from "server2")
- Use the same encryption keys on both servers.

Extra hint: the encryption keys are stored in the following three files:

Code:

/var/www/ispcp/engine/messager/ispcp-db-keys.pl
/var/www/ispcp/engine/ispcp-db-keys.pl
/var/www/ispcp/gui/include/ispcp-db-keys.php

[Eminos]

Great answer. Thanks.

Because I have already created some new sites the complete use of the old encryption keys is not possible (I would break the new passwords).

How can I de-crypt with old encryption keys and re-encrypt with new ones? I have access to both the old and the new ispCP server.

Thanks in advance.

/E

[kilburn]

You can do it with the following functions (php):

Code:

function decrypt_db_password ($db_pass, $ispcp_db_pass_key, $ispcp_db_pass_iv) {
        if ($db_pass == '')
                return '';

        if (extension_loaded('mcrypt') || @dl('mcrypt.' . PHP_SHLIB_SUFFIX)) {
                $text = @base64_decode($db_pass . "\n");
                // Open the cipher
                $td = @mcrypt_module_open ('blowfish', '', 'cbc', '');
                // Create key
                $key = $ispcp_db_pass_key;
                // Create the IV and determine the keysize length
                $iv = $ispcp_db_pass_iv;

                // Intialize encryption
                @mcrypt_generic_init ($td, $key, $iv);
                // Decrypt encrypted string
                $decrypted = @mdecrypt_generic ($td, $text);
                @mcrypt_module_close ($td);

                // Show string
                return trim($decrypted);
        } else {
                die();
        }
}

function encrypt_db_password($db_pass, $ispcp_db_pass_key, $ispcp_db_pass_iv){
        if (extension_loaded('mcrypt') || @dl('mcrypt.' . PHP_SHLIB_SUFFIX)) {
                $td = @mcrypt_module_open (MCRYPT_BLOWFISH, '', 'cbc', '');
                // Create key
                $key = $ispcp_db_pass_key;
                // Create the IV and determine the keysize length
                $iv = $ispcp_db_pass_iv;

                //compatibility with used perl pads
                $block_size=@mcrypt_enc_get_block_size($td);
                $strlen=strlen($db_pass);

                $pads=$block_size-$strlen % $block_size;

                for ($i=0; $i<$pads;$i++){
                        $db_pass.=" ";
                }
                // Intialize encryption
                @mcrypt_generic_init ($td, $key, $iv);
                //Encrypt string
                $encrypted = @mcrypt_generic ($td, $db_pass);
                @mcrypt_generic_deinit($td);
                @mcrypt_module_close($td);

                $text = @base64_encode("$encrypted");
                $text=trim($text);
                return $text;
        } else {
                die("ERROR: The php-extension 'mcrypt' not loaded!");
        }
}