Cannot login with method=GSSAPI
Erik Haller
erik.haller at gmail.com
Wed Aug 16 09:50:15 EEST 2017
I am migrating an existing dovecot server to a new server. The existing
server uses pam_krb5 and works with the plain and gssapi methods. The new
server plain/pam_krb5 normal password authentication works. However, the
gssapi (tickets) authentication is producing the following error:
=== Begin Error ====
imap-login: Disconnected (no auth attempts in 0 secs): user=<>,
rip=192.168.7.61, lip=192.168.7.97, TLS, session=<SPnD7NhWWtrAqAc9>
=== End Error ===
What is causing the "user=<>"? It should be "user=<erik>".
I have been using Thunderbird SSL GSSAPI from a Debian Linux testing/buster
XFCE desktop to connect to the existing server for years. When I point it
to the new server, I receive the above error.
ssh kerberos gssapi authentication is working fine on the new server.
Most of the doveconf setting between the existing and new servers are the
same.
The existing server is 32 bit. The new server is 64 bit running in an LXC
container. The existing server dovecot version is the same as the new
server.
Notes:
dovecot version: 2.2.31 (65cde28)
OS: Debian Linux testing/buster
Arch: amd64
Client: Mozilla Thunderbird 52.2.1 (latest)
More information about the dovecot
mailing list