sasldb2 storing clear text passwords.
Dan White
dwhite at olp.net
Tue Jul 22 10:00:17 EDT 2008
Erland Nylend wrote:
> Hello,
>
> I've set up a virtual test machine, with postfix and sasl, using
> sasldb, and things work as expected.
>
> My question: is it possible to store the passwords in /etc/sasldb2
> as a SHA or MD5 string?
>
> Storing all the users' passwords in clear text is not a good thing.
>
> We are setting up tls on port 587, and only plan to support auth
> plain and login, so storing the passwords in clear text should not
> be necessary.
>
Erland,
If you don't require anything more than plain or login, then
there are several other options available to authenticate your
users within the SASL library other than the auxprop plugin (sasldb).
See the sysadmin documentation:
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/~checkout~/src/sasl/doc/sysadmin.html
for some other options on how to authenticate your users. For
instance, saslauthd does not require you to store your passwords
in the clear.
- Dan
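
An added example, not part of the original post and not Cyrus SASL or saslauthd code: with PLAIN the server receives the password itself (here assumed to arrive inside TLS), so it can check it against a salted hash instead of a stored clear-text copy. The record format, the PBKDF2 parameters, the function names and the sample user are assumptions made for this sketch.

```python
from __future__ import annotations
import base64
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example


def hash_password(password: str, salt: bytes = b"") -> str:
    """Return 'pbkdf2-sha256$iterations$salt_b64$hash_b64' for storage."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return "$".join(["pbkdf2-sha256", str(ITERATIONS),
                     base64.b64encode(salt).decode(), base64.b64encode(digest).decode()])


def parse_plain(initial_response_b64: str) -> tuple[str, str, str]:
    """Decode a SASL PLAIN message: authzid NUL authcid NUL passwd (RFC 4616)."""
    raw = base64.b64decode(initial_response_b64, validate=True)
    parts = raw.split(b"\x00")
    if len(parts) != 3 or not parts[1] or not parts[2]:
        raise ValueError("malformed PLAIN response")
    authzid, authcid, passwd = (p.decode("utf-8") for p in parts)
    return authzid, authcid, passwd


def verify_plain(initial_response_b64: str, store: dict[str, str]) -> bool:
    """Check a PLAIN login against stored salted hashes; no clear text is kept."""
    try:
        _, user, passwd = parse_plain(initial_response_b64)
    except ValueError:  # also covers bad base64 and invalid UTF-8
        return False
    # Unknown users are checked against a dummy record so timing stays similar.
    record = store.get(user, DUMMY)
    scheme, iters, salt_b64, hash_b64 = record.split("$")
    candidate = hashlib.pbkdf2_hmac("sha256", passwd.encode(),
                                    base64.b64decode(salt_b64), int(iters))
    ok = hmac.compare_digest(candidate, base64.b64decode(hash_b64))
    return ok and user in store and scheme == "pbkdf2-sha256"


# Constructed sample data: one user and the PLAIN messages a client would send.
DUMMY = hash_password(os.urandom(16).hex())
STORE = {"erland": hash_password("correct horse")}
GOOD = base64.b64encode(b"\x00erland\x00correct horse").decode()
BAD = base64.b64encode(b"\x00erland\x00wrong").decode()
```
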
More information about the Cyrus-sasl
mailing list