LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 03-08-2005, 04:22 AM   #1
[GOD]Anck
Member
 
Registered: Dec 2003
Location: The Netherlands
Distribution: Slackware
Posts: 171

Rep: Reputation: 33
Using TLS with cyradm --auth login


I want Cyrus IMAP to only allow logins over a TLS connection, so I've set allowplaintext: no in the /etc/imapd.conf file. However, this prevents me from logging in to cyradm as well:

Code:
linux:/etc # su - cyrus
cyrus@linux:~> cyradm --auth login localhost
IMAP Password:Login only available under a layer at /usr/lib/perl5/vendor_perl/5.8.3/i586-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118
cyradm: cannot authenticate to server with login as cyrus
cyrus@linux:~>
imtest has an option to not only specify the mechanism to use, but also specify that a TLS connection should be negotiated. imtest -m -t will let me login normally:

Code:
cyrus@linux:~> imtest -m login -t "" localhost
S: * OK linux Cyrus IMAP4 v2.2.3 server ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LOGINDISABLED X-NETSCAPE
S: C01 OK Completed
C: S01 STARTTLS
S: S01 OK Begin TLS negotiation now
verify error:num=18:self signed certificate
TLS connection established: TLSv1 with cipher AES256-SHA (256/256 bits)
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE AUTH=LOGIN SASL-IR X-NETSCAPE
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN cyrus {8}
S: + go ahead
C: <omitted>
S: L01 OK User logged in
Authenticated.
Security strength factor: 256
I can't seem to find a similar option with cyradm. How can I make cyradm negotiate a TLS connection before using the login mechanism? Or is there another way to enable the cyrus user to login while still disallowing plaintext logins?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Debian Exim4 SMTP Auth TLS? shaun_bakker Linux - Software 1 06-30-2005 11:04 AM
login problem with cyradm carloshdez Linux - Networking 1 02-03-2005 04:03 PM
Postfix configured SASL auth OK, but Outlook login kept rejected randy_liu_tw Linux - Software 2 01-14-2005 02:56 AM
login problem with cyradm carloshdez Linux - Software 1 01-04-2005 12:44 PM
QMAIL AUTH LOGIN AUTH=LOGIN Arghhhhhhhh DrNeil Linux - Networking 3 09-04-2004 10:07 AM


All times are GMT -5. The time now is 04:20 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration