cyrus chokes after few logins
Sebastian Hagedorn
Hagedorn at uni-koeln.de
Sat Oct 14 16:55:07 EDT 2006
--On 14. Oktober 2006 16:38:05 +0200 "Martin G.H. Minkler"
<minkler at artegic.de> wrote:
> Solved!
Glad to hear it.
> It was the low entropy of /dev/random - after disallowing APOP everything
> is just fine. Apparently the default for APOP is _enabled_ - to turn it
> off it needs to be explicitly set to allowapop: no.
That's what I wrote yesterday ...
> Manpage doesn't state
> that either ~:-/
It sure does!
allowapop: 1
Allow use of the POP3 APOP authentication command.
Note that this command requires that SASL is compiled with APOP
sup-
port, that the plaintext passwords are available in a SASL
auxprop
backend (eg. sasldb), and that the system can provide enough
entropy
(eg. from /dev/urandom) to create a challenge in the banner.
The "1" indicates that it's on by default ... this is version 2.2.12.
--On 14. Oktober 2006 16:40:31 +0200 "Martin G.H. Minkler"
<minkler at artegic.de> wrote:
> Sebastian Hagedorn schrieb:
>
>>> Just checked again - if I was to enable APOP, how could I set the random
>>> source for sasl?
>>
>> You have to specify the source prior to compilation with "configure":
>>
>> --with-devrandom=PATH set the path to /dev/random [/dev/random]
>
> Any way to achieve the same effect with debian packages?
You need to ask the Debian people for that.
> A startup option maybe?
Hardly.
--
.:.Sebastian Hagedorn - RZKR-R1 (Gebäude 52), Zimmer 18.:.
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
.:.Universität zu Köln / Cologne University - Tel. +49-221-478-5587.:.
.:.:.:.Skype: shagedorn.:.:.:.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/cyrus-sasl/attachments/20061014/9861fb31/attachment.bin
More information about the Cyrus-sasl
mailing list