On 09/10/2011 13:17, Phil Pennock wrote:
On 2011-10-08 at 13:28 +0100, Colin wrote:
[email protected]:$1$SgeC%ghWgjwRfksWFAKefgnl432GI74::
(for reference I have made up most of the characters in the password
string so it is not a valid password)
I have then copied this to a Centos 6 server as /etc/exim/passwd. The
server is running a fairly standard copy of Exim, but I don't seem to be
able to get password authentication to work.
I have dug up several guides, but they all seem to talk about using md5
passwords or PAM into the system accounts. None of these accounts are or
should be in the normal /etc/passwd.
For PAM, there's a "pam_pwdfile" module:
http://www.cpbotha.net/pam_pwdfile.html
which I've used in the past for software other than Exim. For that,
it's usercode:crypted format, so you'll need to lose the trailing empty
fields.
If you wish to remove PAM, note that Exim's crypteq{}{} expansion
condition will use the system crypt() routine (if the crypted content
does not start with an LDAP-style tag); most modern systems use that $1$
style crypt-tagging syntax for their native crypt() routine. So again,
if you remove those trailing colons, you can do this easily enough.
Then you'd have something like (untested):
auth_plain:
driver = plaintext
public_name = PLAIN
server_advertise_condition = ${if def:tls_cipher}
server_prompts = :
server_condition = ${lookup{$auth2}lsearch{/etc/exim/passwd}\
{${if crypteq{$auth3}{$value}}} {false}}
server_set_id = ${quote:$auth2}
-Phil
Thank you very much for the reply Phil.
Your untested auth_plain works a charm. I've amended my collection
script to not put the :: on the end and authentication now seems to
work. Turns out I'd followed a guide that used md5 passwords and had an
md5 check in the condition which of course wouldn't work seen as the
passwords aren't md5 passwords. All the OS concerned are CentOS 6 built
exactly the same so no problems with different routines.
Its late here so I've put it in place on a backup server and will give
it thorough testing tomorrow evening out of hours.
Much appreciated.
Regards,
Colin.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
