"unknown password verifier"
Adam Tauno Williams
adam at morrison-ind.com
Mon Oct 30 12:50:50 EST 2006
> > I've restored a mail store to a box and installed the Cyrus packages,
> > and copied the configuration files from a *WORKING* Cyrus server. But
> > whenever I try to authenticate I get a "unknown password verifier"
> > message in the logs:
> > Oct 30 09:51:37 aleph imap[12614]: accepted connection
> > Oct 30 09:51:40 aleph imap[12614]: unknown password verifier
> > Oct 30 09:51:40 aleph imap[12614]: badlogin: [192.168.1.81] plaintext
> > adam SASL(-4): no mechanism available: checkpass failed
> > This is on OpenSuSE 10.1 using the provided packages, same as the working
> > server.
> > Packages installed:
> > cyrus-sasl-2.1.21-18
> > cyrus-sasl-saslauthd-2.1.21-18.3
> > cyrus-imapd-2.2.12-27
> > aleph:/home/awilliam/tmp # grep sasl /etc/imapd.conf
> > sasl_pwcheck_method: saslauthd
> > sasl_mech_list: PLAIN
> > allowplaintext: 1
> > Any clues? As far as I can tell configuration is identical to working
> > server.
> Is saslauthd running and configured the same way on both servers?
Yes. /etc/saslauthd.conf file copied from working server to test server.
And testsaslauthd works:
> > Test saslauthd wors:
> > aleph:/home/awilliam/tmp # testsaslauthd -u adam -p *******
> > 0: OK "Success."
It really seems like Cyrus is refusing to use the PLAIN mech or contact
saslauthd for some reason. But I have no special SASL config file
in /usr/lib/sasl2 on either box or anything particularly special. I
think Cyrus is demanding TLS (encryption) in order to use plain despite
the fact that I have -
allowplaintext: 1
sasl_minimum_layer: 0
- in /etc/imapd.conf.
Test server:
awilliam at aleph:~> imtest -m PLAIN -u adam 192.168.1.81
S: * OK aleph.morrison.iserv.net Cyrus IMAP4 v2.2.12 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
STARTTLS X-NETSCAPE
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN
S: A01 NO encryption needed to use mechanism
Authentication failed. generic failure
Security strength factor: 0
Production server:
awilliam at aleph:~> imtest -t "" -m PLAIN -u adam sardine
S: * OK imap.mormail.com Cyrus IMAP4 v2.2.12 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
STARTTLS X-NETSCAPE
S: C01 OK Completed
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=19:self signed certificate in certificate chain
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
X-NETSCAPE
S: C01 OK Completed
C: A01 AUTHENTICATE PLAIN
S: A01 NO no mechanism available
Authentication failed. generic failure
Security strength factor: 256
More information about the Info-cyrus
mailing list