cyrus and gssapi
Jukka Salmi
j+asg at 2004.salmi.ch
Fri Aug 13 04:59:43 EDT 2004
Stephen --> info-cyrus (2004-08-13 10:09:32 +1200):
> I'm wondering if sasl_pwcheck_method in /etc/imapd.conf should be
> changed if one requires gssapi authentication. I tried setting it to
> "gssapi" but it didn't help. What should be value be?
Quoting imapd.conf(5):
sasl_pwcheck_method: <none>
The mechanism used by the server to verify plaintext
passwords. Possible values include "auxprop",
"saslauthd", and "pwcheck".
So you don't need to set sasl_pwcheck_method at all if you're going
to use GSSAPI authentication exclusively. However, if you need to
do plaintext authentication you should run saslauthd (-a kerberos5)
and set sasl_pwcheck_method to saslauthd.
> silver root # imtest -a cyrus -m login -p imap2 localhost
You can use "imtest -m gssapi ..." to test GSSAPI authentication.
HTH, Jukka
--
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list