On 7.2.2007, at 2.12, Micah Cowan wrote:
I was wondering where I might find more information about using OTP
as an authentication protocol with dovecot. In searching, I found a
thread from 2004, but not much information about how it has
progressed from then. I also saw some promising patches from mid- last year, which if I had to guess are probably the addition of
support for the SASL OTP mechanism. Is this available in a release
yet? (And, also: does anyone know of Linux mail clients that
support the OTP SASL mechanism? I'm hoping Thunderbird might...).
CVS HEAD version has support for OTP SASL mechanism. I don't know how
exactly it works though, it was implemented by Andrey Panin.
If not, is it possible to make it work currently with PAM (or, if
that's not possible, maybe Cyrus SASL)? It would be okay with me if
it can work with PAM but not prompt with the seed/series number: I
can scratch off keys no prob.
If it works with PAM, it's via a plaintext auth mechanism (PLAIN or
LOGIN) which just updates the used OTP number. I don't really know
about that either..