On Monday 15 December 2003 19:49, Peter J. Holzer wrote: > > Isn't that only true if you implement the CRAM-MD5 mechanism? IOW, PLAIN > > and LOGIN can be done without storing plaintext passwords. > > Yes. PLAIN and LOGIN can hash the transmitted password and compare > against a stored hash, e.g., as created by the Unix crypt function.
I had a bit of a fiddle last night with Digest::MD5 and crypt, in an attempt to make it encrypt a phrase in the same manner as /etc/shadow. If either will then we can authenticate against /etc/shadow itself, or where ever you wish to store MD5/crypt passwords, no matter which SASL authentication type is used. PAM is a possibility too, but I truely hate perls "documentation", and was too tired to think much. -- Mike Williams Systems Administrator â Comodo Research Lab Ltd Invent  Secureâ Office Tel Europe: +44 (0) 1274 730 505 Fax Europe: +44 (0) 1274 730 909. www.comodogroup.com, www.trustix.com, www.enterprisessl.com, www.seeos.com
