On Aug 7, 2008, at 2:49 PM, Stephen Feyrer wrote:
Hi anyone.
Can dovecot be configured to authenticate user using only SSL
Certificates only and not ask for a password.So far I've got it taking the username from the common name of the
certificate but I like it to use the certificate in place of the
password.Is this possible and how?
If you're that far, then you're already authenticating the user
against the certificate. Or assuming you have
ssl_require_client_cert=yes. Then just create a passdb that accepts
any password as valid for the user (nopassword=yes extra field).
In theory there's also this EXTERNAL SASL mechanism that could be used
to log in without user/pass, but Dovecot doesn't currrently support
that and I'm not aware of any clients supporting it either.