LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Dovecot: Changing IMAP authentication from PLAIN to CRAM-MD5 (http://www.linuxquestions.org/questions/linux-server-73/dovecot-changing-imap-authentication-from-plain-to-cram-md5-4175420953/)

snowweb 08-08-2012 02:34 AM

Dovecot: Changing IMAP authentication from PLAIN to CRAM-MD5
 
I've just installed Dovecot 2.0.9 and roundcube.

I've got it working with PLAIN authentication_mechanism, but I think I should change it to CRAM-MD5.

I'm not sure if I've understood this correctly though. Am I correct in thinking that this is not concerning the encryption used to store the user passwords (since that is SHA512 in my case, but it is only concerning the encryption used for communication between the client IMAP application and dovecot?

This is confusing me as some of the authentication types can be used in both, eg. CRAM-MD5.

If I've understood this correctly then, am I also correct in thinking that to change the authentication type/mechanism to CRAM-MD5 (leaving the passwords encrypted as SHA512), I need to set:

Code:

auth_mechanisms = cram-md5
in /etc/dovecot/conf.d/10-auth.conf and in Roundcube main.inc.php:
Code:

$rcmail_config['imap_auth_type'] = 'CRAM-MD5';
If so, then something's still wrong because I can no longer login using mutt using:
Code:

mutt -f imap://peter@localhost
which I was able to do before and also login to Roundcube now fails, saying:
Code:

IMAP Error in /usr/share/roundcubemail/program/include/rcube_imap.php (205): Login failed for peter from 112.201.185.47. AUTHENTICATE CRAM-MD5: A0001 NO [AUTHENTICATIONFAILED] Authentication failed.
I'm wondering what I've missed (or missunderstood!).

Here's my dovecot -n output
Code:

# OS: Linux 2.6.32-279.2.1.el6.x86_64 x86_64 CentOS release 6.3 (Final) ext4
auth_mechanisms = cram-md5
disable_plaintext_auth = no
last_valid_gid = 1000
mail_gid = 502
mail_location = maildir:/var/mail/%n/Maildir
mail_uid = 501
passdb {
  args = username_format=%u /etc/dovecot/users
  driver = passwd-file
}
ssl = no
userdb {
  args = username_format=%u /etc/dovecot/users
  driver = passwd-file
}
verbose_proctitle = yes

Many thanks,

Peter

snowweb 08-08-2012 10:16 PM

Maybe someone know's how to do this? :-)


All times are GMT -5. The time now is 11:08 PM.