On Thursday, Aug 14, 2003, at 19:31 Europe/Helsinki, Eric S. Johansson wrote:
Aug 14 11:51:46 harvee dovecot-auth: PAM: pam_authenticate(esj) failed: Authentication failure
not very informative. I already know that I can't login. So I fire up ethereal and capture the following transaction:
Well, that's as informative as you can get from PAM :) It means that PAM decided the password was wrong. Do you have /etc/pam.d/imap file set up correctly?
3 authenticate login 3 NO Unsupported authentication mechanism.
hmm no unsupported authentication mechanism. So that means all authentication methods works right? ;-)
Either your client is stupid or it tries to work around stupid servers. LOGIN command should be accepted by all servers and "login" SASL mechanism is some old not-really-standard.
looking a little further into the configuration, I see instructions to change auth_methods to add plain in front of digest-md5 (or is it digest_md5, both forms are present in the configuration file). No luck. Doing so gives me the following error message:
Fatal: Error in configuration file /usr/local/etc/dovecot.conf line 430: Unknown setting: methods
Um.. You must have had at least one auth_methods line before or it wouldn't have worked.. And the default dovecot-example.conf contained only plain there.
FYI, you probably could use a little bit more detail in the install instructions.
Yes, I have plans to write them .. before 1.0 :)
For example instructing user to create a dovecot user and group name would be useful as would be a startup/shutdown script for init.d. I also find the SSL configuration lacking. On the other hand, I have enough scar tissue from certificates and mini-CA setups to hate them till the end of time. If I get them working better, I'll document and send it to the list.
Yea, there really should be some easier ways to manage your own CAs. I found some certificate manager written with Qt (can't remember name), but something web based could be nice too.