Hi!
JOYDEEP schrieb:
I am using cyrus with ldap basded authentication. I am usin PLAIN and
LOGIN mechanism in /etc/imapd.conf.
How can I enable digestmd5 and crammd5 now ?
Shared secret mechs in SASL2 are only available with sasldb or ldapdb
(do I forget any?) not with saslauthd.
So if you
On Fri, Apr 20, 2007 at 09:47:07AM +0530, JOYDEEP wrote:
Goetz Babin-Ebell wrote:
JOYDEEP schrieb:
Roberto R. Morelli wrote:
Hello Joydeep,
Then we have the cyrus sasl modules installed:
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-2.1.22-4
cyrus-sasl-lib-2.1.22-4
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
JOYDEEP schrieb:
Goetz Babin-Ebell wrote:
The problem is that cram-md5 and digest-md5 need direct access to the
pass phrase in plain text.
AFAIK LDAP doesn't support this.
You have to use TLS if you want to transmit the pass phrase securely...
On Fri, Apr 20, 2007 at 09:26:33AM +0200, Goetz Babin-Ebell wrote:
cram-md5 and digest-md5 require the pass phrase stored unencrypted.
This opens another can of worms...
(And AFAIK LDAP doesnt support them...)
OpenLDAP support unencrypted passwords.
WBR.
Dmitriy
Cyrus Home Page:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dmitriy Kirhlarov schrieb:
On Fri, Apr 20, 2007 at 09:47:07AM +0530, JOYDEEP wrote:
Goetz Babin-Ebell wrote:
JOYDEEP schrieb:
But I have come to know that digest-md5 and cram-md5 need sasldb. so
here I can't use it as my users and passwords are
En/na Goetz Babin-Ebell ha escrit:
cram-md5 and digest-md5 require the pass phrase stored unencrypted.
This opens another can of worms...
(And AFAIK LDAP doesnt support them...)
it does.
Bye
--
Luca Olivetti
Wetron Automatización S.A. http://www.wetron.es/
Tel. +34 93 5883004 Fax +34
Dmitriy Kirhlarov wrote:
On Fri, Apr 20, 2007 at 09:47:07AM +0530, JOYDEEP wrote:
Goetz Babin-Ebell wrote:
JOYDEEP schrieb:
Roberto R. Morelli wrote:
Hello Joydeep,
Then we have the cyrus sasl modules installed:
cyrus-sasl-md5-2.1.22-4
On Fri, Apr 20, 2007 at 10:55:19AM +0200, Goetz Babin-Ebell wrote:
1. have to store plaintext passwords in ldap directory.
2. ACL on ldap directory must be configured for open access to
userPassword field for read, not only for auth.
And with that open a can of worms I don't think Joydeep
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
JOYDEEP schrieb:
Roberto R. Morelli wrote:
Hello Joydeep,
Then we have the cyrus sasl modules installed:
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-2.1.22-4
cyrus-sasl-lib-2.1.22-4
cyrus-sasl-plain-2.1.22-4
But I have come to know that digest-md5
Goetz Babin-Ebell wrote:
JOYDEEP schrieb:
Roberto R. Morelli wrote:
Hello Joydeep,
Then we have the cyrus sasl modules installed:
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-2.1.22-4
cyrus-sasl-lib-2.1.22-4
cyrus-sasl-plain-2.1.22-4
But I have come to know that digest-md5 and cram-md5
Goetz Babin-Ebell wrote:
The problem is that cram-md5 and digest-md5 need direct access to the
pass phrase in plain text.
AFAIK LDAP doesn't support this.
You have to use TLS if you want to transmit the pass phrase securely...
Technically not true, you need the password hashed with the
Dear list,
I am using cyrus with ldap basded authentication. I am usin PLAIN and
LOGIN mechanism in /etc/imapd.conf.
How can I enable digestmd5 and crammd5 now ?
thanks
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info:
Hello,
Here is what we have in ours (linux rpm version):
#
# sasl stuff
#
sasl_auto_transition: yes
sasl_minimum_layer: 1
sasl_pwcheck_method: saslauthd
sasl_mech_list: DIGEST-MD5 CRAM-MD5 LOGIN
allowplainwithouttls: no
Then we have the cyrus sasl modules installed:
cyrus-sasl-md5-2.1.22-4
Roberto R. Morelli wrote:
Hello,
Here is what we have in ours (linux rpm version):
#
# sasl stuff
#
sasl_auto_transition: yes
sasl_minimum_layer: 1
sasl_pwcheck_method: saslauthd
sasl_mech_list: DIGEST-MD5 CRAM-MD5 LOGIN
allowplainwithouttls: no
Then we have the cyrus sasl modules
14 matches
Mail list logo
