Getting sasldb2 to work
Alexander Skwar
listen at alexander.skwar.name
Sun Nov 20 10:00:03 EST 2005
Hello.
I'd like to use cyrus-sasl-2.1.21 together with Postfix
to have it support SMTP AUTH. As there's just a small
number of users, sasldb2 will do. System will be a Linux
running kernel
askwar@HD:~$ uname -a
Linux HD 2.4.20_mipsel_linkstation #88 2005ǯ 2�25� �� 20:17:00 JST mips GNU/Linux
I downloaded cyrus-sasl-2.1.21 and ran:
./configure --enable-login --prefix=/usr --sysconfdir=/etc/sasl2 \
--disable-dependency-tracking --with-dbpath=/etc/sasl2/sasldb2 \
&& make && make install && mkdir -p /etc/sasl2
To do some basic checking of sasl2, I'd like to use the
sasl2 sample/server and sample/client. Before starting
the server, I created a sample.conf:
askwar@HD:/share/Linkstation/Pakete/Sources/sasl/cyrus-sasl-2.1.21$ cat /usr/lib/sasl2/sample.conf
# Global parameters
log_level: 3
pwcheck_method: auxprop
mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
# auxiliary Plugin parameters
auxprop_plugin: sasldb
sasldb_path: /etc/sasl2/sasldb2
I then created a test user with saslpasswd2:
root@HD:/etc/sasl2# echo -n CielfAut3 | /usr/sbin/saslpasswd2 -p -c eelzeejoj
(Yes, I am aware that I now gave away the password.)
This resulted in a /etc/sasl2/sasldb2 being created:
root@HD:/etc/sasl2# strings /etc/sasl2/sasldb2
md5 0499 HD3449 210147dcd18cbaf0 00000000000000000000
eelzeejoj
cmusaslsecretOTP
CielfAut3
eelzeejoj
userPassword
After that, I started the sample server:
askwar@HD:/share/Linkstation/Pakete/Sources/sasl/cyrus-sasl-2.1.21/sample$ ./server -s rcmd -p 12345 -m PLAIN
trying 2, 2, 6
trying 10, 2, 6
socket: Address family not supported by protocol
On a different terminal on the same box I started the sample client:
askwar@HD:/share/Linkstation/Pakete/Sources/sasl/cyrus-sasl-2.1.21/sample$ ./client -p 12345 -s rcmd -m PLAIN 127.0.0.1
receiving capability list... recv: {5}
PLAIN
PLAIN
please enter an authentication id:
What do I now enter? Do I enter the username as
authentication id? After that, I'm prompted for an
authorization id. What to enter? Username again?
Then I'm prompted for a password - and so I entered
it:
please enter an authentication id: eelzeejoj
please enter an authorization id: eelzeejoj
Password:
send: {5}
PLAIN
send: {1}
Y
send: {29}
eelzeejoj[0]eelzeejoj[0]CielfAut3
authentication failed
closing connection
Having a look at the server terminal, I see the
following output:
accepted new connection
send: {5}
PLAIN
recv: {5}
PLAIN
recv: {1}
Y
recv: {29}
eelzeejoj[0]eelzeejoj[0]CielfAut3
starting SASL negotiation: user not foundclosing connection
Why is it saying "user not found"? What's the username
that I should use?
I also tried to specify a "DOM", like so:
# echo nicJiUt5 | /usr/sbin/saslpasswd2 -c -p -u bei.digitalprojects.com nolon5an
But how do I specify this dom? As auth* id, I tried nolon5an
and nolon5an@bei.digitalprojects.com - but still always
"user not found" :(
How do I do it correctly?
I also tried to integrate that into postfix smtpd. For this,
I copied sample.conf to smtpd.conf and added to Postfix's main.cf:
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_auth_enable = yes
I then tried to login with Thunderbird to the SMTP server.
Didn't work - I suppose because of the same reasons why the
sample server/client don't work.
Thanks,
Alexander Skwar
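
Added example (not part of the original message, and not Cyrus SASL code): a parser for the PLAIN message shown in the client and server logs above, following the RFC 4616 layout [authzid] NUL authcid NUL passwd. The names parse_plain and default_realm are hypothetical; splitting "user@realm" on the last "@" and falling back to the hostname HD as the realm are assumptions for illustration.

```python
# Added example: parse a SASL PLAIN initial response (RFC 4616 layout).
from typing import NamedTuple


class PlainCredentials(NamedTuple):
    authzid: str   # identity to act as (may be empty)
    user: str      # user part of the authentication id
    realm: str     # realm from "user@realm", else the default realm
    password: str


def parse_plain(message: bytes, default_realm: str) -> PlainCredentials:
    """Split [authzid] NUL authcid NUL passwd and derive user and realm."""
    parts = message.split(b"\x00")
    if len(parts) != 3:
        raise ValueError("PLAIN message must contain exactly two NUL separators")
    try:
        authzid, authcid, password = (p.decode("utf-8") for p in parts)
    except UnicodeDecodeError as exc:
        raise ValueError("PLAIN fields must be valid UTF-8") from exc
    if not authcid or not password:
        raise ValueError("authcid and passwd must not be empty")
    # Assumption: a realm is written as user@realm; split on the last "@".
    user, sep, realm = authcid.rpartition("@")
    if not sep:
        user, realm = authcid, default_realm
    if not user or not realm:
        raise ValueError("empty user or realm in authcid")
    return PlainCredentials(authzid, user, realm, password)


# Constructed from the message logged above, with [0] written as a NUL byte.
LOGGED = b"eelzeejoj\x00eelzeejoj\x00CielfAut3"

if __name__ == "__main__":
    print(len(LOGGED), parse_plain(LOGGED, default_realm="HD"))
    # Constructed message for the second test user, with an explicit realm.
    print(parse_plain(b"\x00nolon5an@bei.digitalprojects.com\x00nicJiUt5", "HD"))
```

The {29} in the logs is the byte length of this message: three 9-byte fields plus two NUL separators.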