Plain text password between frontend and backend
Michael Loftis
mloftis at wgops.com
Thu Dec 15 03:04:17 EST 2005
-nodes IIRC
--On December 15, 2005 12:43:53 PM +0530 Ramya Krishnan
<ramya_krishnan at sifycorp.com> wrote:
>
> Ken Murchison wrote:
>
>
> Because the frontends proxy as the user to the backend, the IMAP LOGIN
> command can not be used. The only plaintext SASL mechanism that can be
> used is PLAIN, but you can't use it unless protected by TLS. Looking at
> the CAPABILITY output above, it doesn't look like you've configured TLS.
>
> You might also be able to fake this by running imapd on the backends with
> the '-p 2' option.
>
>
> 1. I have 2 backend servers and one proxy-cum/mupdate server. The
> password comes as clear text over the network (unsafe) to proxy. Then I
> am forced to use TLS between the backend and frontend servers... This
> network is safe and i dun want the overhead of ssl... Is there a way to
> overcome this
> 2. When i use SSL in the backend server, it asks for a password
> /var/cyrus/sbin/master
> Enter PEM pass phrase:
> I dun want to enter the password every time i restart master... Is there
> a way
> I generate a the CA and certificates with this.
> openssl req -new -x509 -keyout CAkey.pem -out CAcert.pem
> openssl req -new -keyout mailkey.pem -out mailreq.pem -days 360
> cat mailreq.pem mailkey.pem > mail.pem
> openssl ca -policy policy_anything -out mailcert.pem -infiles mail.pem
>
>
>
>
>
> --Thanks and Regards
> Ramya Krishnan
> "There are four boxes to be used in defense of liberty:soap, ballot,
> jury, and ammo. Please use in that order."-Ed Howdershelt (Author)
>
>
--
"Genius might be described as a supreme capacity for getting its possessors
into trouble of all kinds."
-- Samuel Butler
More information about the Info-cyrus
mailing list