Re: no digest-md5 and cram-md5 in sasldb

• Previous message: Ken Murchison: "Re: Authentication with MySQL for postfix"
• In reply to: Ilya Basin: "no digest-md5 and cram-md5 in sasldb"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Quoting Ilya Basin <lanmot at cwrussia dot ru>:

> Hi,
>
> i've compiled the cyrus-sasl (last stable release) as it said
> in INSTALL section of the docs...
> I've added a user: sasl2passwd -c my_user
> but using the sasldblistusers2, i see no digest-md5 nor cram-md5 hashes:
>
> ilya at torer: cmusaslsecretSRP
> ilya at torer: cmusaslsecretOTP
> ilya at torer: userPassword

This is normal with SASL2. The MD5 mechanisms use the userPassword entry.

>
> #########################################
> bash:/etc/mail# imtest -u ilya -a ilya localhost
> S: * OK mlsrv01 Cyrus IMAP4 v2.1.16 server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> NAMESPACE
> UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
> THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=SRP AUTH=OTP
> AUTH=DIGEST-MD5 AUTH=CRAM-MD5 X-NETSCAPE
> S: C01 OK Completed
> C: A01 AUTHENTICATE SRP
> S: +
> Please enter your password:
> #
> #
> #
> #bla-bla-bla-bla
> #
> #
> S: A01 OK Success (privacy protection)
> Authenticated.
> Security strength factor: 128
>
>
> bash:/etc/mail# imtest -u ilya -a ilya -m digest-md5 localhost
> S: * OK mlsrv01 Cyrus IMAP4 v2.1.16 server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> NAMESPACE
> UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
> THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=SRP AUTH=OTP
> AUTH=DIGEST-MD5 AUTH=CRAM-MD5 X-NETSCAPE
> S: C01 OK Completed
> C: A01 AUTHENTICATE DIGEST-MD5
> #
> #
> #bla-bla-bla
> #
> #
> S: + Please enter your password:
> S: A01 OK Success (privacy protection)
> Authenticated.
> Security strength factor: 128
>
> BUT!!!!!
> bash:/etc/mail# imtest -u ilya -m digest-md5 localhost
> S: * OK mlsrv01 Cyrus IMAP4 v2.1.16 server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> NAMESPACE
> UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
> THREAD=ORDEREDSUBJECT THREAD=REFERENCES IDLE STARTTLS AUTH=SRP AUTH=OTP
> AUTH=DIGEST-MD5 AUTH=CRAM-MD5 X-NETSCAPE
> S: C01 OK Completed
> C: A01 AUTHENTICATE DIGEST-MD5
> S: +
> Please enter your password:
> C:
> #
> #
> #
> #bla-bla-bla
> #
> #
> S: A01 NO user not found
> Authentication failed. generic failure
> Security strength factor: 128
>
>
>
>
> What did I wrong?

Without the -a option, imtest will try to authenticate as the user running
imtest. In your case, this is probably root, which most likely doesn't have a
secret in sasldb2.

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp

• Previous message: Ken Murchison: "Re: Authentication with MySQL for postfix"
• In reply to: Ilya Basin: "no digest-md5 and cram-md5 in sasldb"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]