Please - correct me if I'm wrong - auxprop sasldb versus saslauthd sasldb

Reinaldo de Carvalho reinaldoc at gmail.com
Sun Aug 24 17:07:54 EDT 2008


> As far as I understand, both should authenticate against users in
> /etc/sasldb2 and provide the same mechanisms.
>
> I'm asking becaus on my Debian Etch 4.0r4a (stable) variant 1 works, but
> variant 2 doesn't and I dont know why. But I want to offer CRAM-MD5 and
> DIGEST-MD5 too and this is AFAIK only possible with variant 2.
>

saslauthd receive password as cleartext to be compatible with many
lookup types (pam, ldap, mysql). You must use TLS/SSL to improve
security.

-- 
Reinaldo de Carvalho
http://korreio.sf.net
http://python-cyrus.sf.net


More information about the Cyrus-sasl mailing list