Migrate passwords from shadow to mysql

Tero Matinlassi tero.matinlassi at edu.vantaa.fi
Wed Feb 4 06:24:11 EST 2004


Lainaus Joe Hrbek <jhrbek-cyrus at gplsinc.com>:

> > I had to use
> > pam_mysql and run saslauthd -a pam. Works quite nicely.
> > I also
> > tried to use the sasl mysql auxprop plugin (or something like
> that),
> > but it didn't work out then.
> 
> 
> Auxprop is a way better way to go than to use saslauthd, especially
> for
> mysql.

Yes. After all, pam_mysql/saslauthd combination adds unnecessary layers
to the authentication.

Someone correct me if I am wrong, but I think auxprop can't currently
handle passwords that are (hex) MD5 hashes (think MySQL MD5() fuction or
md5sum program output). This is different from MD5 crypt() which, I
think, is handled. This is something I forgot to mention to the person
who started this thread - he's likely to use the latter so auxprop
might be an answer for him, if he decides to keep passwords intact.

Also, it wouldn't be too hard to support (hex) MD5 hashes as passwords
with auxprop also, but I don't have the need for it now as
pam_mysql/saslauthd works for me.

-Tero

-- 
Tero Matinlassi




More information about the Info-cyrus mailing list