pam+cyrus failed to authenticate
Simon Matter
simon.matter at ch.sauter-bc.com
Tue Nov 16 02:29:20 EST 2004
> Hi,
>
> I got cyrus-imap2.2 and cyrus-sasl2.1.20 with saslauthd2 compiled in
> FreeBSD 5.3.
> I can successfully login with the following cyradm command:
> # cyradm -u cyrus --server gateway.mydom.com --auth plain
> Password:
> IMAP Password:
> gateway.mydom.com>
> The log corresponding to the above cyradm command is:
>
> Nov 16 06:06:43 gateway imap[73636]: badlogin: gateway.mydom.com
> [192.168.4.88] PLAIN [SASL(-16): encryption needed to use mechanism:
> security flags do not match required]
> Nov 16 06:06:46 gateway perl: No worthy mechs found
> Nov 16 06:06:50 gateway imap[73636]: login: gateway.mydom.com
> [192.168.4.88] cyrus plaintext User logged in
>
> I can see there is some problem here eventhought cyradm login
> successfully, but the second log message indicated that cyrus is logged
> in.
> Then, I also added bob at mydom.com user account using the cyradm admin
> shell.
>
> I further test the cyrus server by adding user at domain.com to the
> imap.password file:
> pwadd -a bob at mydom.com
I'm not sure this will work. IIRC with pam the you have to use 'saslauth
-r' to make it not remove everything behind @.
Simon
> # cat imap.passwd
> abc.xyz at mydom.com:$1$OxTrXXu7$SPv0UCpp4BuyFGy6uQkBn1
> cyrus:$1$EUHsnXCc$qpuk26X8VPQnIifMbnap6.
> bob at mydom.com:$1$3gb6Wviv$0zrfF91CdEd3IlI7c62QQ1
>
> But imtest failed with the following message:
>
> Nov 16 06:05:16 gateway saslauthd[73020]: user not found in password
> database
> Nov 16 06:05:16 gateway imap[73621]: badlogin: gateway.mydom.com
> [192.168.4.88] plaintext bob at mydom.com SASL(-13): authentication
> failure: checkpass failed
>
> I searched google, but found not much useful information.
> Can anyone tell me how to fix this problem?
>
> I have saslauthd started with -a pam.
> imapd.conf is defined with the option:
> sasl_pwcheck_method: saslauthd
>
> Thanks
> Sam
>
>
More information about the Info-cyrus
mailing list