Re: lug-bg: imap-uw Plaintext passwords
- Subject: Re: lug-bg: imap-uw Plaintext passwords
- From: Sava Chankov <sava@xxxxxxxxxxxxx>
- Date: Thu, 06 Nov 2003 10:26:49 +0200
- Organization: BlueBoard Ltd
Marian Popov wrote:
Zdraveite !
Cial den se boria s toia imap i oshte ne sym uspial da go podkaram.
Sluchai e slednia:
FreeBSD 5.1 RELEASE (Niakoi shte kajat che ne mu e tuk miastoto)
Instaliram sendmail i squirrelmail za webmail.
Imam nujda ot imap server i sled kato izchetoh google reshih
da sloja vse niakoi pyk koito trygne.
Zapochnah s cyrus, courier i nakraia imap-uw
I v trite sluchaia niamah plaintext authentication enabled.
I poneje imap-uw ostana posledno reshih da se zaema s nego.
Pyrvo provrih config faila i namerih slednia red.
# The mechanism used by the server to verify plaintext passwords. Possible
# values include "PAM", "kerberos_v4", "passwd", and "shadow"
#
#sasl_pwcheck_method: pwcheck
^^^^
За да правиш plaintext aвтентикация през SASL трябва да пуснеш saslauthd демона. Прочети малко повече за SASL, има добра документация.
--
Sava Chankov,
research and development
http://www.blueboard.biz
Title: Cyrus SASLv2 README
Read Me First
This document offers a general overview of the SASL library.
FEATURES
The following mechanisms are included in
this distribution:
- ANONYMOUS
- CRAM-MD5
- DIGEST-MD5
- EXTERNAL
- GSSAPI (MIT Kerberos 5 or Heimdal Kerberos 5)
- KERBEROS_V4
- LOGIN
- NTLM (requires OpenSSL libcrypto)
- OTP (requires OpenSSL libcrypto)
- PLAIN
- SRP (work in progress; requires OpenSSL libcrypto)
The library uses a Berkeley DB, gdbm or ndbm file on the server side
to store per-user authentication secrets. The utility
saslpasswd has been included for adding authentication
secrets to the file.
PLAIN uses the saslauthd (preferred and now standard), the pwcheck
daemon (obsolete), or an auxilliary property plugin (for example,
sasldb).
The sample directory contains two programs which provide a reference
for using the library, as well as making it easy to test a mechanism
on the command line. See programming.html for more information.
This library is believed to be thread safe IF:
- you supply mutex functions (see sasl_set_mutex())
- you make no libsasl calls until sasl_client/server_init() completes
- no libsasl calls are made after sasl_done() is begun
- the GSSAPI plugin requires a thread-safe GSS Kerberos 5 library.
INSTALLATION
If you are upgrading from libsasl v1, please see upgrading.html.
Please see the file install.html to install
this package. We hope it to be relatively straightforward; if you try
it on systems that we haven't, please contact us with your
experiences.
The library uses the environment variable SASL_PATH to locate the
directory where the mechanisms are; this should be a colon-separated
list of directories containing plugins.
INSTALLATION ON MAC OS X
Please read macosx.html
CONFIGURATION
By default, libsasl looks for configuration files in
/usr/lib/sasl/Appname.conf where Appname is settable by the
application (for example, Sendmail 8.10 and later set this to
"Sendmail"). Applications can also override this default
configuration mechanism.
For a detailed guide on configuring libsasl, please look at
sysadmin.html and options.html
KNOWN BUGS
- There are some interoperability problems with the DIGEST-MD5 plugin.
- libtool doesn't always link libraries together. In our environment,
we only have static Krb5 libraries; the GSSAPI plugin should link
these libraries in on platforms that support it (Solaris and Linux
among them) but it does not. It also doesn't always get the runpath
of libraries correct.
- Also see the "TODO" file and our bugzilla.
UPGRADING from Cyrus SASL v1
See upgrading.html.
AUTHORS
For any comments/suggestions/bug reports, please contact cyrus-bugs@xxxxxxxxxxxxxx.
Be sure to include the version of libsasl and your operating system;
messages without this information will not be answered.
Major contributors to the libsasl code can be found in the top-level
file AUTHORS. Additionally saslauthd has an AUTHORS file that lists
major contributors as well.
People considering doing binary distributions that include saslauthd
should be aware that the code is covered by several slightly different
(but compatible) licenses, due to how it was contributed. Details can
be found within the source code.
Back to the index
|