tials -
> particularly if you are using a chat-expect authorization like PLAIN or
> LOGIN. To have something that always works it is best to keep
> usernames and passwords to ASCII/UTF-7.
>
> This is not a SASL bug.
>
> This is an every-client-rolled-their-own issue. :(
>
mething that always works it is best to keep
usernames and passwords to ASCII/UTF-7.
This is not a SASL bug.
This is an every-client-rolled-their-own issue. :(
--
Meetings Coordinator, Michigan Association of Railroad Passengers
537 Shirley St NE Grand Rapids, MI 49503-1754 Phone: 616.581.
.
Recently, I have decided to replace all IMAP passwords by longer ones.
While this worked in the vast majority of cases, there were several
mailboxes where Cyrus / SASL refused the connection with the new
password. I have lost several hours of debugging this until the
following turned out:
As soon as the
passwords by longer ones.
While this worked in the vast majority of cases, there were several
mailboxes where Cyrus / SASL refused the connection with the new
password. I have lost several hours of debugging this until the
following turned out:
As soon as the password contained a paragraph character
Further to our previous discussion on the possibility of storing hashed
passwords in the imap authentication database.
I draw your attention to: http://www.ietf.org/rfc/rfc2195.txt, which
abstract clearly states;
"This specification provides a simple challenge-response authentication
pro
Scott Lambert : (Tue Mar 26 00:03:31 2013)
> On Mon, Mar 25, 2013 at 09:32:16PM +, Charles Bradshaw wrote:
> > Andy
> >
> > Thanks for the link. If you read on you will see that while PAM allows
> > storage of encrypted passwords in mysql, DIGEST-MD5 and CRAM-M
On 03/24/13 14:21 +, Charles Bradshaw wrote:
>In my /etc/imapd.conf I'm using:
>
>sasl_auxprop_plugin:sql
>sasl_sql_engine:mysql
>
>I want to store MD5 hashed passwords in my database. Is this possible?
SASL 2.1.26 contains support for 'pwcheck_method: auxprop-has
On Tue, 2013-03-26 at 10:17 +, Charles Bradshaw wrote:
> Thanks Guys
> I think it's finally sunk in. DIGEST-MD5 and CRAM-MD5 are mutually
> exclusive with hashed passwords.
> D'oh! I think I even posted that fact in answer to a previous thread.
No problem, it happens t
Thanks Guys
I think it's finally sunk in. DIGEST-MD5 and CRAM-MD5 are mutually
exclusive with hashed passwords.
D'oh! I think I even posted that fact in answer to a previous thread.
On Mon, 2013-03-25 at 21:09 -0400, Adam Tauno Williams wrote:
> On Mon, 2013-03-25 at 17:03 -0500,
On Mon, 2013-03-25 at 17:03 -0500, Scott Lambert wrote:
> On Mon, Mar 25, 2013 at 09:32:16PM +, Charles Bradshaw wrote:
> > Andy
> > Thanks for the link. If you read on you will see that while PAM allows
> > storage of encrypted passwords in mysql, DIGEST-MD5 and CRAM-MD
On Mon, Mar 25, 2013 at 09:32:16PM +, Charles Bradshaw wrote:
> Andy
>
> Thanks for the link. If you read on you will see that while PAM allows
> storage of encrypted passwords in mysql, DIGEST-MD5 and CRAM-MD5 can
> then NOT be used. That's definitely as step in the wrong
Andy
Thanks for the link. If you read on you will see that while PAM allows
storage of encrypted passwords in mysql, DIGEST-MD5 and CRAM-MD5 can
then NOT be used. That's definitely as step in the wrong direction.
I'm coming to the conclusion that I need understand the code well eno
On Sun, 24 Mar 2013, Charles Bradshaw wrote:
> In my /etc/imapd.conf I'm using:
>
> sasl_auxprop_plugin:sql
> sasl_sql_engine:mysql
>
> I want to store MD5 hashed passwords in my database. Is this possible?
>
> I was thinking about modifying the sql plugin to MD5 the
Adam
The end goal was simply stated previously: 'To store MD5 hashed
passwords in a mysql database'.
My reasons for wanting to do so are complex and NOT the subject of the
thread. Had I been seeking general advice about possibilities I might
have asked: Is it advisable to do such an
hods!
> It's about how to achieve password hashing in a mysql database.
> I have indicated how to use AES. Its' strength however is compromised by
> the necessity of revealing the key in many places.
> I would be most great-full, if anybody KNOWS:
> Is there a way to stor
e.
I have indicated how to use AES. Its' strength however is compromised by
the necessity of revealing the key in many places.
I would be most great-full, if anybody KNOWS:
Is there a way to store MD5 hashed passwords when using the mysql
plugin?
Security through obscurity is always a bad
On 25/03/2013, at 7:33, Charles Bradshaw wrote:
>> That seems very wrong to me.
>
> It might be a kludge, but it's not wrong. It avoids storing plain text
> passwords, which are always a risk. The purpose of MD5 digest is to make
> passwords truly private to the user. No
:21 +, Charles Bradshaw wrote:
> > In my /etc/imapd.conf I'm using:
> > sasl_auxprop_plugin:sql
> > sasl_sql_engine:mysql
> > I want to store MD5 hashed passwords in my database. Is this possible?
>
> I would *assume* that the database doesn't much care a
On Sun, 2013-03-24 at 14:21 +, Charles Bradshaw wrote:
> In my /etc/imapd.conf I'm using:
> sasl_auxprop_plugin:sql
> sasl_sql_engine:mysql
> I want to store MD5 hashed passwords in my database. Is this possible?
I would *assume* that the database doesn't much care abou
In my /etc/imapd.conf I'm using:
sasl_auxprop_plugin:sql
sasl_sql_engine:mysql
I want to store MD5 hashed passwords in my database. Is this possible?
I was thinking about modifying the sql plugin to MD5 the password before
comparison, but...
I'm no C programmer so understanding
will remove the CAS token previously cached
when
the mailer connects. So the webmail is disconnected.
There is a patch to allow saslauthd to cache several passwords for one
login but I would like to avoid this.
As far I can see, the cache depends on the service used (ie if I
connect via po
the mailer connects. So the webmail is disconnected.
There is a patch to allow saslauthd to cache several passwords for one
login but I would like to avoid this.
As far I can see, the cache depends on the service used (ie if I
connect via pop, the imap password is not cleared from the
saslauthd
pam_unix)
>>>
>>> That works fine.
>>>
>>> The problem is: when a user uses the webmail and uses also a mailer
>>> (using imap), saslauthd will remove the CAS token previously cached when
>>> the mailer connects. So the webmail is disconnected.
che several passwords for one
login but I would like to avoid this.
As far I can see, the cache depends on the service used (ie if I
connect via pop, the imap password is not cleared from the
saslauthd cache).
So I'm asking if there is a way to introduce another "service" on
cyrus
is disconnected.
>
> There is a patch to allow saslauthd to cache several passwords for one
> login but I would like to avoid this.
>
> As far I can see, the cache depends on the service used (ie if I
> connect via pop, the imap password is not cleared from the
> saslauthd cache).
>
er uses the webmail and uses also a mailer
(using imap), saslauthd will remove the CAS token previously cached when
the mailer connects. So the webmail is disconnected.
There is a patch to allow saslauthd to cache several passwords for one
login but I would like to avoid this.
As far I can see, the ca
On 04 Oct 2010, at 13:37, Patrick Goetz wrote:
> On 10/04/2010 12:29 PM, Andrew Morgan wrote:
>> cyrus-be4:~# cyradm --user cyrus --tlskey '' localhost
>
> That did it! The trick is to use --tlskey with an empty field as
> demonstrated above. Who knew?
That's a bug, please report it. It ought
On 04/10/10 11:51 -0500, Patrick Goetz wrote:
>On 10/04/2010 11:07 AM, Dan White wrote:
>>
>> You can connect via a non plaintext mechanism, like digest-md5.
>>
>
>This seems like a straightforward case of RTFM, but how does one
>determine the auth mechanism? I'm using saslauthd, pam, and have a
>
On Mon, 4 Oct 2010, Patrick Goetz wrote:
> On 10/04/2010 12:29 PM, Andrew Morgan wrote:
>>
>> cyrus-be4:~# cyradm --user cyrus --tlskey '' localhost
>
>
> That did it! The trick is to use --tlskey with an empty field as
> demonstrated above. Who knew?
>
> --
> ibis:~~$ cyradm --user pgoet
On 10/04/2010 12:29 PM, Andrew Morgan wrote:
>
> cyrus-be4:~# cyradm --user cyrus --tlskey '' localhost
That did it! The trick is to use --tlskey with an empty field as
demonstrated above. Who knew?
--
ibis:~~$ cyradm --user pgoetz --tlskey '' localhost
verify error:num=18:self signed
On Mon, 4 Oct 2010, Patrick Goetz wrote:
> On 10/04/2010 08:41 AM, Wesley Craig wrote:
>>
>> TLS isn't available to Cyrus::IMAP pre 2.3.2. I expect it's a bug.
>
>
> Sorry,I didn't specifically say that I'm using the latest release, 2.3.16.
>
>
> I find cyradm to be very convenient to use for sma
On 10/04/2010 11:41 AM, Wesley Craig wrote:
> I understood that, tho I did notice you pasted the 2.2.x error, not the 2.3.x
> error.
>
Nope, this is precisely the error I'm getting on my 2.3.16 install:
ibis:~~$ dpkg -l | grep cyrus-common
ii cyrus-common-2.32.3.16-1
Cyru
On 10/04/2010 11:07 AM, Dan White wrote:
>
> You can connect via a non plaintext mechanism, like digest-md5.
>
This seems like a straightforward case of RTFM, but how does one
determine the auth mechanism? I'm using saslauthd, pam, and have a
self-signed certificate (which I know works):
-
On 04 Oct 2010, at 10:26, Patrick Goetz wrote:
> Sorry,I didn't specifically say that I'm using the latest release, 2.3.16.
I understood that, tho I did notice you pasted the 2.2.x error, not the 2.3.x
error.
> I find cyradm to be very convenient to use for smaller sites, but is
> this essentia
On 04/10/10 09:26 -0500, Patrick Goetz wrote:
>On 10/04/2010 08:41 AM, Wesley Craig wrote:
>>
>> TLS isn't available to Cyrus::IMAP pre 2.3.2. I expect it's a bug.
>
>
>Sorry,I didn't specifically say that I'm using the latest release, 2.3.16.
>
>
>I find cyradm to be very convenient to use for sm
On 10/04/2010 08:41 AM, Wesley Craig wrote:
>
> TLS isn't available to Cyrus::IMAP pre 2.3.2. I expect it's a bug.
Sorry,I didn't specifically say that I'm using the latest release, 2.3.16.
I find cyradm to be very convenient to use for smaller sites, but is
this essentially a dead tool and I
I was having problems making Cyrus 2.2.x work with only encrypted
passwords. Setting
allowplaintext: no
in imapd.conf prevents plain text logins, but then cyradm stops working:
ibis:~etc$ cyradm localhost
Login disabled.
cyradm: cannot authenticate to server as pgoetz
I
On 04 Oct 2010, at 01:09, Patrick Goetz wrote:
> I was having problems making Cyrus 2.2.x work with only encrypted
> passwords. Setting
>
> allowplaintext: no
>
> in imapd.conf prevents plain text logins, but then cyradm stops working:
>
> ibis:~etc$ cyradm loca
Hello,
Marcus --> info-cyrus (2010-07-09 23:58:29 +0200):
> Am Donnerstag, den 08.07.2010, 21:07 +0200 schrieb Jukka Salmi:
> > Hi,
> >
> > I'm looking for a CGI program to allow users to change their SASLdb
> > passwords using their www browsers.
Am Donnerstag, den 08.07.2010, 21:07 +0200 schrieb Jukka Salmi:
> Hi,
>
> I'm looking for a CGI program to allow users to change their SASLdb
> passwords using their www browsers. I found masssaslpass but it looks
> suboptimal to say the least...
>
> Does anybody
Hi,
I'm looking for a CGI program to allow users to change their SASLdb
passwords using their www browsers. I found masssaslpass but it looks
suboptimal to say the least...
Does anybody know about such a program?
TIA, Jukka
--
This email fills a much-needed gap in the archives.
Hello there,
More SASL question but anyways..
Is there any possible way nowadays to use sql stored md5
hashed passwords if only plain login is needed? have to
connect cyrus imapd to existing user database.
Using pam and then sql seems like overhead for about 100.000
users at this moment, or not
n 22, 2008 9:05 PM, Rupert <[EMAIL PROTECTED]> wrote:
>
> > Dan White schrieb:
> > > rupert wrote:
> > >> Hi,
> > >> i have my murder cluster running, with passwords stored in a mysql
> > DB.
> > >> The only thing that bugs me no
On Jan 22, 2008 9:05 PM, Rupert <[EMAIL PROTECTED]> wrote:
> Dan White schrieb:
> > rupert wrote:
> >> Hi,
> >> i have my murder cluster running, with passwords stored in a mysql DB.
> >> The only thing that bugs me now is that the passwords are stored
Dan White schrieb:
> rupert wrote:
>> Hi,
>> i have my murder cluster running, with passwords stored in a mysql DB.
>> The only thing that bugs me now is that the passwords are stored in
>> plaintext inside the DB.
>> I am using fedora8 and will switch to CentOS on
rupert wrote:
> Hi,
> i have my murder cluster running, with passwords stored in a mysql DB.
> The only thing that bugs me now is that the passwords are stored in
> plaintext inside the DB.
> I am using fedora8 and will switch to CentOS once everything runs fine.
> Can i buil
Hi,
i have my murder cluster running, with passwords stored in a mysql DB.
The only thing that bugs me now is that the passwords are stored in
plaintext inside the DB.
I am using fedora8 and will switch to CentOS once everything runs fine.
Can i build a rpm module for sasl that exist beside the
ot outlook express.
>
> The workstation is xp with all the current patches. The
> server is red hat fedora core 5 with patches older than
> one week. The cyrus server is working, there is just a
> problem with ldap and changing passwords.
>
> Where do I look or any ideas on what
express.
So you are using what SASL mech?
> The workstation is xp with all the current patches. The
> server is red hat fedora core 5 with patches older than
> one week. The cyrus server is working, there is just a
> problem with ldap and changing passwords.
Did you change the password th
week. The cyrus server is working, there is just a
problem with ldap and changing passwords.
Where do I look or any ideas on what to change? This box
is begining to be used by others, so there is a limit
to what I can do during the day.
Oh, with the new password I was able to login using
&#
Ramprasad wrote:
Hi,
I am trying to design a custom mail archiving system for a cyrus
mailbox.
My scripts will login to the cyrus mailbox and depending on rulesets
fetch the mails and store them to particular directories on a different
server
Now Is it possible to configure cyrus to allow a
Am Saturday 16 September 2006 13:16 schrieb Ramprasad:
> I am trying to design a custom mail archiving system for a cyrus
> mailbox.
> My scripts will login to the cyrus mailbox and depending on rulesets
> fetch the mails and store them to particular directories on a different
> server
>
> Now I
Hi,
I am trying to design a custom mail archiving system for a cyrus
mailbox.
My scripts will login to the cyrus mailbox and depending on rulesets
fetch the mails and store them to particular directories on a different
server
Now Is it possible to configure cyrus to allow any password from a
On Mon, 21 Aug 2006 09:39:11 +0200, "former03|Baltasar Cevc" <[EMAIL
PROTECTED]> said:
> Hi Malcom,
>
> > I am currently migrating a large number of IMAP/POP accounts from one
> > server to another. The old server using a schema of CLIENTID-0,
> > CLIENTID-1 etc as the naming schema, and it is
former03|Baltasar Cevc wrote:
realm, your new ones in their own domain's.
Another possibility: perhaps Perdition or some other IMAP proxy can
help? I don't use it yet, but it has some nice options, e.g. it can
present accounts on different servers on one frontend. So perhaps it has
some featu
--On 21. August 2006 00:19:58 -0700 Nikola Milutinovic <[EMAIL PROTECTED]>
wrote:
I am currently migrating a large number of IMAP/POP accounts from one
server to another. The old server using a schema of CLIENTID-0,
CLIENTID-1 etc as the naming schema, and it is required that the new
server
> I am currently migrating a large number of IMAP/POP accounts from one
> server to another. The old server using a schema of CLIENTID-0,
> CLIENTID-1 etc as the naming schema, and it is required that the new
> server use the [EMAIL PROTECTED] naming schema.
If your "domain" is a default domain,
Hi Malcom,
I am currently migrating a large number of IMAP/POP accounts from one
server to another. The old server using a schema of CLIENTID-0,
CLIENTID-1 etc as the naming schema, and it is required that the new
server use the [EMAIL PROTECTED] naming schema.
You cold manage authorization u
Hello,
I have what is probably a fairly unusual requirement and am wondering if
anyone can suggest a possible solution.
I am currently migrating a large number of IMAP/POP accounts from one
server to another. The old server using a schema of CLIENTID-0,
CLIENTID-1 etc as the naming schema, and i
Haakon wrote:
>
> > We're about to migrate a server from Courier-IMAP to Cyrus-IMAP. The
> > Courier-server autheticates via authdaemond to a MySQL-server, and the
> > passwords in the MySQL-server are MD5-encrypted.
> >
> > I can not get authentication to
d to a MySQL-server, and the
> passwords in the MySQL-server are MD5-encrypted.
>
> I can not get authentication to work with Cyrus and SASL (with the SQL
> auxprop-plugin) with the encrypted passwords, only when the passwords
> are in plaintext. The question is, is there somethin
Haakon Gjersvik Eriksen wrote:
Hello, everyone
We're about to migrate a server from Courier-IMAP to Cyrus-IMAP. The
Courier-server autheticates via authdaemond to a MySQL-server, and the
passwords in the MySQL-server are MD5-encrypted.
I can not get authentication to work with Cyru
Hello, everyone
We're about to migrate a server from Courier-IMAP to Cyrus-IMAP. The
Courier-server autheticates via authdaemond to a MySQL-server, and the
passwords in the MySQL-server are MD5-encrypted.
I can not get authentication to work with Cyrus and SASL (with the SQL
auxprop-p
wo databases: one in LDAP, for Samba, and one
> >>>> in MySQL, for cyrus/mail.
> >>>>
> >>>> It's not very comfortable, as I have to do the things twice.
> >>>>
> >>>> So I thought of "leeching&qu
Craig White wrote:
(...)
Technically, I should be able to do this.
Perhaps it's not the best group to ask - what will happen if the
connection between the two LDAP server is broken, and we use referrals
as here [1]:
ref: ldap://b.example.net/dc=subtree,dc=example,dc=net
I would also s
wo databases: one in LDAP, for Samba, and one
> >>>> in MySQL, for cyrus/mail.
> >>>>
> >>>> It's not very comfortable, as I have to do the things twice.
> >>>>
> >>>> So I thought of "leeching&qu
Quoting Tomasz Chmielewski <[EMAIL PROTECTED]>:
See my other post - I have several LDAP servers, with different users.
Can Cyrus use multiple LDAP servers?
It could use multiple LDAP servers, but it would expect all servers to
know about all users (basically, replicated servers).
However, i
Quoting Tomasz Chmielewski <[EMAIL PROTECTED]>:
What encryption is used by Cyrus?
When I look into MySQL database, the password look like that:
abcDe12FGHiJK
So it's 13 characters.
What encryption is it?
Cyrus doesn't use any encryption to store passwords. Actually, i
o the things twice.
So I thought of "leeching" the users and passwords from the LDAP
database, filtering it through a script, and creating cyrus accounts
this way.
There is one problem though - Samba accounts use SSHA encryption, and
Cyrus doesn't.
What encryption is used by Cyru
Tarjei Huse wrote:
On ons, 2006-03-15 at 16:11 +0100, Tomasz Chmielewski wrote:
I have a user base in two databases: one in LDAP, for Samba, and one in
MySQL, for cyrus/mail.
It's not very comfortable, as I have to do the things twice.
So I thought of "leeching" the users and
On ons, 2006-03-15 at 16:11 +0100, Tomasz Chmielewski wrote:
> I have a user base in two databases: one in LDAP, for Samba, and one in
> MySQL, for cyrus/mail.
> It's not very comfortable, as I have to do the things twice.
>
> So I thought of "leeching" the use
t's not very comfortable, as I have to do the things twice.
> >>
> >> So I thought of "leeching" the users and passwords from the LDAP
> >> database, filtering it through a script, and creating cyrus accounts
> >> this way.
> >>
>
info-cyrus@lists.andrew.cmu.edu wrote:
Tomasz Chmielewski wrote:
I have a user base in two databases: one in LDAP, for Samba, and one
in MySQL, for cyrus/mail.
It's not very comfortable, as I have to do the things twice.
So I thought of "leeching" the users and password
I have a user base in two databases: one in LDAP, for Samba, and one in
MySQL, for cyrus/mail.
It's not very comfortable, as I have to do the things twice.
So I thought of "leeching" the users and passwords from the LDAP
database, filtering it through a script, and creating
s
>> >> crypt.
>> >> So, what i have to do? Is this possible and where can i find the
>> patch?
>> >
>> > Do you mean something like this ?
>> > http://frost.ath.cx/software/cyrus-sasl-patches/
>> >
>> > Simon
>> >
&
yrus-sasl-patches/
> >
> > Simon
> >
> >> Thanks a lot.
> >>
> >>> On Mon, 11 Apr 2005, Berger, Stefan (IT- Management) wrote:
> >>>> Hi,
> >>>>
> >>>> is there a possibility for use crypt mysql password
t;
>> Thanks a lot.
>>
>>
>>> On Mon, 11 Apr 2005, Berger, Stefan (IT- Management) wrote:
>>>
>>>> Hi,
>>>>
>>>> is there a possibility for use crypt mysql passwords with cyrus imap?
>>>> Is
>>>> there a patch
yrus-sasl-patches/
Simon
> Thanks a lot.
>
>
>> On Mon, 11 Apr 2005, Berger, Stefan (IT- Management) wrote:
>>
>>> Hi,
>>>
>>> is there a possibility for use crypt mysql passwords with cyrus imap?
>>> Is
>>> there a patch available
n (IT- Management) wrote:
> >> Hi,
> >>
> >> is there a possibility for use crypt mysql passwords with cyrus imap? Is
> >> there a patch available or any other solution? I've patched the cyrus
> >> sasl
> >> 2.1.19 and this works fine.
> >
ote:
>
>> Hi,
>>
>> is there a possibility for use crypt mysql passwords with cyrus imap? Is
>> there a patch available or any other solution? I've patched the cyrus
>> sasl
>> 2.1.19 and this works fine.
>
> Not for any scheme which is hash based, only sc
On Mon, 11 Apr 2005, Berger, Stefan (IT- Management) wrote:
Hi,
is there a possibility for use crypt mysql passwords with cyrus imap? Is
there a patch available or any other solution? I've patched the cyrus sasl
2.1.19 and this works fine.
Not for any scheme which is hash based, only sc
Hi,
is there a possibility for use crypt mysql passwords with cyrus imap? Is
there a patch available or any other solution? I've patched the cyrus sasl
2.1.19 and this works fine.
Thanks in advance!
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ:
Dear all,
I have installed cyrus imap on suse ES9 mail server , and want to use
POP3 for mails and authenticate users from /etc/shadow. So I add all
users to /etc/password and their passwords to /etc/shadow
For authenticate from shadow file , I changed
sasl_pwcheck_method: saslauthd
to
Shelley Waltz wrote:
Will "autotransition" transition existing md5 crypt passwords
into the sql database as md5 crypt passwords using the
checkpw patch described in this archive?
No, autotransition only works with plaintext passwords.
On Fri, 23 Jan 2004, Ken Murchison wrote:
Will "autotransition" transition existing md5 crypt passwords
into the sql database as md5 crypt passwords using the
checkpw patch described in this archive?
On Fri, 23 Jan 2004, Ken Murchison wrote:
Ted Cabeen wrote:
> Ken Murchison <[EMAIL PROTECTED]> writes:
&g
;
> Auxprop is a way better way to go than to use saslauthd, especially
> for
> mysql.
Yes. After all, pam_mysql/saslauthd combination adds unnecessary layers
to the authentication.
Someone correct me if I am wrong, but I think auxprop can't currently
handle passwords that are (hex) MD5 hash
> I had to use
> pam_mysql and run saslauthd -a pam. Works quite nicely.
> I also
> tried to use the sasl mysql auxprop plugin (or something like that),
> but it didn't work out then.
Auxprop is a way better way to go than to use saslauthd, especially for
mysql.
imho,
-j
Lainaus Shelley Waltz <[EMAIL PROTECTED]>:
> The more I have thought about it, I do not wish to have my users'
> passwords in plaintext anywhere. I have about 250 users with
> already
> encrypted md5 passwords in the shadow file. Is there a utility to
> migrate
> t
The more I have thought about it, I do not wish to have my users'
passwords in plaintext anywhere. I have about 250 users with already
encrypted md5 passwords in the shadow file. Is there a utility to migrate
this information the the MySQL mail database?
This will allow me to manage the
; subsequent to all users in the shadow file having auth'd once. ???
Because once the users are transitioned to the sql database, then you
can use *any* of the available SASL mechs.
> Also, why are the transitioned passwords stored in plaintext in the mysql
> datab
auth'd once. ???
Because once the users are transitioned to the sql database, then you
can use *any* of the available SASL mechs.
> Also, why are the transitioned passwords stored in plaintext in the mysql
> database?
The auxprop plugins are designed to *retrieve* the passwo
then you
can use *any* of the available SASL mechs.
Also, why are the transitioned passwords stored in plaintext in the mysql
database?
The auxprop plugins are designed to *retrieve* the password rather than
just *verify* the password. The plaintext password is needed to support
SASL mechs like
Ken,
Thanks for the very clear instructions on how this works. One thing
which does not make sense is the removal of the mech_list option
subsequent to all users in the shadow file having auth'd once. ???
Also, why are the transitioned passwords stored in plaintext in the mysql
dat
Ted Cabeen wrote:
Ken Murchison <[EMAIL PROTECTED]> writes:
Shelley Waltz wrote:
I am installing a new postfix-cyrus mail server.
I currently have cyrus-imap 1.6.24 authing PLAIN
from /etc/shadow.
I wish to migrate the passwords(md5) from the shadow file to
a mysql database and use t
Ken Murchison <[EMAIL PROTECTED]> writes:
> Shelley Waltz wrote:
>
>> I am installing a new postfix-cyrus mail server.
>> I currently have cyrus-imap 1.6.24 authing PLAIN
>> from /etc/shadow.
>> I wish to migrate the passwords(md5) from the shadow file to
>
gt; I wish to migrate the passwords(md5) from the shadow file to
> a mysql database and use this to auth PLAIN using TLS.
> Is there a script available to do so - to migrate the users
> from the shadow file and create the records for mysql authentication?
>
> I did sear
PLAIN
> from /etc/shadow.
>
> I wish to migrate the passwords(md5) from the shadow file to
> a mysql database and use this to auth PLAIN using TLS.
> Is there a script available to do so - to migrate the users
> from the shadow file and create the records
Shelley Waltz wrote:
I am installing a new postfix-cyrus mail server.
I currently have cyrus-imap 1.6.24 authing PLAIN
from /etc/shadow.
I wish to migrate the passwords(md5) from the shadow file to
a mysql database and use this to auth PLAIN using TLS.
Is there a script available to do so - to
I am installing a new postfix-cyrus mail server.
I currently have cyrus-imap 1.6.24 authing PLAIN
from /etc/shadow.
I wish to migrate the passwords(md5) from the shadow file to
a mysql database and use this to auth PLAIN using TLS.
Is there a script available to do so - to migrate the users
from
Hi,
Since I need to move the users away from /etc/shadow and the only solution
besides the LDAP one suggested (which I'd rather not like to implement) and
do SQL-query-logging (which I also wouldn't like to do since it can't be
limited to a specifc database ... can it?) ... is there a way to log t
1 - 100 of 118 matches
Mail list logo
