Re: [courier-users] authdaemond password debugging
Mark Constable writes: On 02/09/14 12:49, Sam Varshavchik wrote: Sep 2 11:35:45 s2 authdaemond: supplied password 'user_pw' does not match passwd 'db_pw' a) does not provide the above line even though both have almost exactly the same settings. Why is a) not providing the 'does not match' line for failed passwords? account found, password doesn't match, versus account not found. Sam, thanks for the quick reply but it's a tad too cryptic :-) In both cases the user exists if that's what you mean. All I did on both servers, to test, was to change a current users pw to something incorrect. Both provided a LOGIN FAILED but a) seemed to be missing all the extra lines that reveal exactly what the incorrect passwd is (which is what I am after). For some reason, in one case the account was not found. The given vs existing password message is shown when everything was found, but the passwords did not match. That's the most likely reason. A less likely reason is that one is configured to store encrypted passwords, the other cleartext passwords. The existing password can only be shown when cleartext passwords are stored. In addition to comparing authdaemonrc, you also need to compare authmysqlrc as well. pgpDW1OQ3F7rh.pgp Description: PGP signature -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
[courier-users] authdaemond password debugging
a) server running Debian 6 w/ courier-authdaemon 0.63.0-3 b) server running Ubuntu 14.04 w/ courier-authdaemon 0.63.0-6ubuntu1 b) server provides the below when a password fails... Sep 2 11:35:45 s2 authdaemond: supplied password 'user_pw' does not match passwd 'db_pw' a) does not provide the above line even though both have almost exactly the same settings. Why is a) not providing the 'does not match' line for failed passwords? a) egrep -v ^(#|$) authdaemonrc | sort authdaemonvar=/var/run/courier/authdaemon authmodulelist=authmysql authmodulelistorig=authuserdb authpam authpgsql authldap authmysql authcustom authpipe daemons=20 DEBUG_LOGIN=2 DEFAULTOPTIONS= LOGGEROPTS= b) egrep -v ^(#|$) authdaemonrc | sort authdaemonvar=/var/run/courier/authdaemon authmodulelist=authmysql authmodulelistorig=authuserdb authpam authpgsql authldap authmysql authcustom authpipe daemons=5 DEBUG_LOGIN=2 DEFAULTOPTIONS= LOGGEROPTS= -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] authdaemond password debugging
Mark Constable writes: a) server running Debian 6 w/ courier-authdaemon 0.63.0-3 b) server running Ubuntu 14.04 w/ courier-authdaemon 0.63.0-6ubuntu1 b) server provides the below when a password fails... Sep 2 11:35:45 s2 authdaemond: supplied password 'user_pw' does not match passwd 'db_pw' a) does not provide the above line even though both have almost exactly the same settings. Why is a) not providing the 'does not match' line for failed passwords? account found, password doesn't match, versus account not found. pgpGYJSomv6NW.pgp Description: PGP signature -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] authdaemond password debugging
On 02/09/14 12:49, Sam Varshavchik wrote: Sep 2 11:35:45 s2 authdaemond: supplied password 'user_pw' does not match passwd 'db_pw' a) does not provide the above line even though both have almost exactly the same settings. Why is a) not providing the 'does not match' line for failed passwords? account found, password doesn't match, versus account not found. Sam, thanks for the quick reply but it's a tad too cryptic :-) In both cases the user exists if that's what you mean. All I did on both servers, to test, was to change a current users pw to something incorrect. Both provided a LOGIN FAILED but a) seemed to be missing all the extra lines that reveal exactly what the incorrect passwd is (which is what I am after). -- Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
