[Dovecot] authentication configuration
I've included the non-defaulted bits of my dovecot.conf file at the bottom of this email.
As I understand my set-up it's using unix authentication methods (/etc/passwd via pam?).
Considering disable_plaintext_auth and auth_mechanisms, what exactly is being passed? I was hoping to get auth_mechanism = digest-md5 but that's not working out very well right now. It seems I can only do plaintext authentication.
I got stuck on the userdb/auth_passdb settings. Can someone give me an example of how to configure for md5-digest authentication?
My current guess is: disable_plaintext_auth = yes auth = digest-md5 auth_mechanism = digest_md5 auth_passdb = /etc/mydigestfile
How would I set this for pgsql? auth_passdb = /etc/dovecot-pgsql.conf
### non-default config settings. protocols = imap imaps disable_plaintext_auth = yes login = imap login_max_processes_count = 16 login = pop3 max_mail_processes = 512 default_mail_env = maildir:~/Maildir mailbox_check_interval = 1 auth = default auth_mechanisms = plain auth_passdb = pam auth_user = root
On Tue, 2004-06-08 at 13:30, Tom Allison wrote:
As I understand my set-up it's using unix authentication methods (/etc/passwd via pam?).
Considering disable_plaintext_auth and auth_mechanisms, what exactly is being passed? I was hoping to get auth_mechanism = digest-md5 but that's not working out very well right now. It seems I can only do plaintext authentication.
DIGEST-MD5 requires specially generated password field (see last line in doc/auth.txt, realm means pretty much same as domain). PAM supports only plaintext authentication, so you'll need to use something else (passwd-file or postgresql).
My current guess is: disable_plaintext_auth = yes auth = digest-md5 auth_mechanism = digest_md5 auth_passdb = /etc/mydigestfile
How would I set this for pgsql? auth_passdb = /etc/dovecot-pgsql.conf
auth_passdb requires as first parameter the database type name. eg.:
auth_passdb = passwd-file /etc/mydigestfile auth_passdb = pgsql /etc/dovecot-pgsql.conf
Same goes for userdb.
participants (2)
-
Timo Sirainen
-
Tom Allison