[Dovecot] Authentication issue.
Hi list,
I try to run imaptest, but I get the following errors (as root):
# ./imaptest copybox=Trash # or any other command in http://www.imapwiki.org/ImapTest/Examples Logi List Stat Sele Fetc Fet2 Copy Stor Dele Expu Appe Logo 100% 50% 50% 100% 100% 100% 33% 50% 100% 100% 100% 100% 30% 5% 5% 0 0 0 0 0 0 0 0 0 0 0 0 10/ 10 0 0 0 0 0 0 0 0 0 0 0 0 10/ 10 0 0 0 0 0 0 0 0 0 0 0 0 10/ 10 0 0 0 0 0 0 0 0 0 0 0 0 10/ 10 Error: root[4]: LOGIN failed: 4.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[3]: LOGIN failed: 3.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[5]: LOGIN failed: 5.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[2]: LOGIN failed: 2.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[6]: LOGIN failed: 6.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[10]: LOGIN failed: 10.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[7]: LOGIN failed: 7.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[1]: LOGIN failed: 1.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[8]: LOGIN failed: 8.1 NO [AUTHENTICATIONFAILED] Authentication failed. Error: root[9]: LOGIN failed: 9.1 NO [AUTHENTICATIONFAILED] Authentication failed. ^C
# tail /var/log/mail.log: Dec 17 18:07:28 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<root>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured Dec 17 18:08:01 dovecot: last message repeated 19 times
# tail /var/log/auth.log: Dec 17 18:07:24 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=root rhost=127.0.0.1 user=root Dec 17 18:08:01 auth: last message repeated 19 times Dec 17 18:08:01 CRON[13916]: pam_unix(cron:session): session opened for user root by (uid=0) Dec 17 18:08:02 CRON[13916]: pam_unix(cron:session): session closed for user root
# dovecot --version 2.0.2
# /usr/bin/doveconf -n -c /etc/dovecot/dovecot.conf # 2.0.2: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.6-ipv6-64 x86_64 Ubuntu 10.10 ext4 auth_mechanisms = plain login digest-md5 cram-md5 disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = dbox:/mnt/dovecot/users/%n mail_privileged_group = mail mbox_read_locks = fcntl dotlock mbox_write_locks = fcntl dotlock mmap_disable = yes passdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener auth-master { mode = 0600 user = doveusers } user = root } ssl = no userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master postmaster_address = my-email@gmail.com }
I do not understand where the problem is. Do you have any idea?
/dimitri
On 12/17/2010 06:16 PM dmitri tchernov wrote:
… # ./imaptest copybox=Trash # or any other command in … Error: root[4]: LOGIN failed: 4.1 NO [AUTHENTICATIONFAILED] Authentication failed. … ^C
# tail /var/log/mail.log: Dec 17 18:07:28 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<root>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured Dec 17 18:08:01 dovecot: last message repeated 19 times
# dovecot --version 2.0.2
Version 2.0.8 is available …
I do not understand where the problem is. Do you have any idea?
Don't try to login as root. Use a human account.
Regards, Pascal
The trapper recommends today: 5e1f1e55.1035118@localdomain.org
On Fri, Dec 17, 2010 at 6:38 PM, Pascal Volk < user+dovecot@localhost.localdomain.orguser%2Bdovecot@localhost.localdomain.org
wrote:
On 12/17/2010 06:16 PM dmitri tchernov wrote:Dec 17 18:08:01 dovecot: last message repeated 19 times
# dovecot --version 2.0.2
Version 2.0.8 is available …
For some reasons, I can't update the version.
I do not understand where the problem is. Do you have any idea?
Don't try to login as root. Use a human account.
Same errors.
On Fri, Dec 17, 2010 at 6:49 PM, Pascal Volk < user+dovecot@localhost.localdomain.orguser%2Bdovecot@localhost.localdomain.org
wrote:
On 12/17/2010 06:44 PM dmitri tchernov wrote:
Same errors.
Set auth_debug=yes, execute
dovecot realodand check your logs (doveadm log find).
/var/log/syslog: Dec 17 18:54:17 dovecot: auth: pam(test00001,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 18:54:19 dovecot: last message repeated 9 times Dec 17 18:54:19 dovecot: auth: Debug: client out: FAIL#0111#011user=test00001 Dec 17 18:54:19 dovecot: last message repeated 9 times Dec 17 18:54:19 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<test00001>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured
/var/log/mail.log: Dec 17 18:54:14 dovecot: auth: pam(test00001,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: auth: Debug: client out: FAIL#0111#011user=test00001 Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<test00001>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: auth: Debug: auth client connected (pid=16351) Dec 17 18:54:16 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=33814#011resp=<hidden> Dec 17 18:54:16 dovecot: auth: Debug: passwd-file(test00001,127.0.0.1): lookup: user=test00001 file=/mnt/dovecot/userlist.passwd
/var/log/auth.log: Dec 17 18:54:12 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=test00001 rhost=127.0.0.1 user=test00001 Dec 17 18:54:18 auth: last message repeated 19 times Dec 17 18:54:18 su[16279]: pam_unix(su:session): session closed for user test00001
Regards,
Pascal
The trapper recommends today: 5e1f1e55.1035118@localdomain.org
On Fri, Dec 17, 2010 at 6:59 PM, dmitri tchernov mitia.tchernov@gmail.comwrote:
On Fri, Dec 17, 2010 at 6:49 PM, Pascal Volk < user+dovecot@localhost.localdomain.orguser%2Bdovecot@localhost.localdomain.org
wrote:
On 12/17/2010 06:44 PM dmitri tchernov wrote:
Same errors.
Set auth_debug=yes, execute
dovecot realodand check your logs (doveadm log find)./var/log/syslog: Dec 17 18:54:17 dovecot: auth: pam(test00001,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 18:54:19 dovecot: last message repeated 9 times Dec 17 18:54:19 dovecot: auth: Debug: client out: FAIL#0111#011user=test00001 Dec 17 18:54:19 dovecot: last message repeated 9 times Dec 17 18:54:19 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<test00001>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured
/var/log/mail.log: Dec 17 18:54:14 dovecot: auth: pam(test00001,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: auth: Debug: client out: FAIL#0111#011user=test00001 Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<test00001>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured Dec 17 18:54:16 dovecot: last message repeated 9 times Dec 17 18:54:16 dovecot: auth: Debug: auth client connected (pid=16351) Dec 17 18:54:16 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=33814#011resp=<hidden> Dec 17 18:54:16 dovecot: auth: Debug: passwd-file(test00001,127.0.0.1): lookup: user=test00001 file=/mnt/dovecot/userlist.passwd
/var/log/auth.log: Dec 17 18:54:12 auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=test00001 rhost=127.0.0.1 user=test00001 Dec 17 18:54:18 auth: last message repeated 19 times Dec 17 18:54:18 su[16279]: pam_unix(su:session): session closed for user test00001
Uh, I also have:
/var/log/mail.err: Dec 17 18:48:35 dovecot: auth: Error: userdb(test00001,127.0.0.1): user not found from userdb passwd-file Dec 17 18:48:35 dovecot: imap: Error: Authenticated user not found from userdb
When I check /mnt/dovecot/userlist.passwd, everything looks ok.
Regards,
Pascal
The trapper recommends today: 5e1f1e55.1035118@localdomain.org
On Fri, Dec 17, 2010 at 7:05 PM, Pascal Volk < user+dovecot@localhost.localdomain.orguser%2Bdovecot@localhost.localdomain.org
wrote:
On 12/17/2010 07:02 PM dmitri tchernov wrote:
When I check /mnt/dovecot/userlist.passwd, everything looks ok.
Please show your configuration: doveconf -n
I gave it in the very first e-mail :-)
# 2.0.2: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.6-xxxx-grs-ipv6-64 x86_64 Ubuntu 10.10 ext4 auth_debug = yes auth_mechanisms = plain login disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = dbox:/mnt/dovecot/users/%n mail_privileged_group = mail mbox_read_locks = fcntl dotlock mbox_write_locks = fcntl dotlock mmap_disable = yes passdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener auth-master { mode = 0600 user = doveusers } user = root } ssl = no userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master postmaster_address = my-email@gmail.com }
Regards, Pascal
The trapper recommends today: f007ba11.1035119@localdomain.org
On 12/17/2010 07:07 PM dmitri tchernov wrote:
I gave it in the very first e-mail :-)
Sorry, my fault
# 2.0.2: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.6-xxxx-grs-ipv6-64 x86_64 Ubuntu 10.10 ext4 auth_debug = yes auth_mechanisms = plain login disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = dbox:/mnt/dovecot/users/%n mail_privileged_group = mail mbox_read_locks = fcntl dotlock mbox_write_locks = fcntl dotlock mmap_disable = yes passdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener auth-master { mode = 0600 user = doveusers } user = root } ssl = no userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master postmaster_address = my-email@gmail.com }
There is no userdb { driver = passwd } (please show doveconf userdb
output).
You can use doveadm to see if a user exists (if dovecot will find it in
the userdb): http://wiki2.dovecot.org/Tools/Doveadm/User
See also: http://wiki2.dovecot.org/Tools/Doveadm/Auth
Regards, Pascal
The trapper recommends today: f007ba11.1035119@localdomain.org
On Fri, Dec 17, 2010 at 7:15 PM, Pascal Volk < user+dovecot@localhost.localdomain.orguser%2Bdovecot@localhost.localdomain.org
wrote:
On 12/17/2010 07:07 PM dmitri tchernov wrote:
# 2.0.2: /etc/dovecot/dovecot.conf # OS: Linux 2.6.34.6-xxxx-grs-ipv6-64 x86_64 Ubuntu 10.10 ext4 auth_debug = yes auth_mechanisms = plain login disable_plaintext_auth = no log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = dbox:/mnt/dovecot/users/%n mail_privileged_group = mail mbox_read_locks = fcntl dotlock mbox_write_locks = fcntl dotlock mmap_disable = yes passdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } passdb { driver = pam } protocols = imap pop3 service auth { unix_listener auth-master { mode = 0600 user = doveusers } user = root } ssl = no userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file } protocol pop3 { pop3_uidl_format = %08Xu%08Xv } protocol lda { auth_socket_path = /var/run/dovecot/auth-master postmaster_address = my-email@gmail.com }
There is no userdb { driver = passwd } (please show
doveconf userdboutput).
# /usr/bin/doveconf userdb userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file }
You can use doveadm to see if a user exists (if dovecot will find it in
the userdb): http://wiki2.dovecot.org/Tools/Doveadm/User
Well spotted, an UTF-8 character was in the file at the wrong place. I had: # doveadm user test00001 userdb lookup: user test00001 doesn't exist
And now: # doveadm user test00001 userdb: test00001 uid : 1001 gid : 1001
# dovecot reload #
I run the imaptest with user test00001, and I have the following lines in /var/log/mail.log: Dec 17 19:22:48 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=49371#011resp=<hidden> Dec 17 19:22:48 dovecot: auth: Debug: passwd-file(test00001,127.0.0.1): lookup: user=test00001 file=/mnt/dovecot/userlist.passwd Dec 17 19:22:48 dovecot: auth: passwd-file(test00001,127.0.0.1): Password mismatch Dec 17 19:22:48 dovecot: auth: Debug: pam(test00001,127.0.0.1): lookup service=dovecot Dec 17 19:22:48 dovecot: auth: Debug: pam(test00001,127.0.0.1): #1/1 style=1 msg=Password: Dec 17 19:22:50 dovecot: auth: pam(test00001,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?) Dec 17 19:22:52 dovecot: last message repeated 9 times Dec 17 19:22:52 dovecot: auth: Debug: client out: FAIL#0111#011user=test00001 Dec 17 19:22:52 dovecot: last message repeated 9 times Dec 17 19:22:52 dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<test00001>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured
# doveadm auth test00001 <the password supplied in userlist.passwd for this user> passdb: test00001 auth succeeded extra fields: user=test00001
See also: http://wiki2.dovecot.org/Tools/Doveadm/Auth
Regards, Pascal
The trapper recommends today: f007ba11.1035119@localdomain.org
On 12/17/2010 07:27 PM dmitri tchernov wrote:
# /usr/bin/doveconf userdb userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file }
Well spotted, an UTF-8 character was in the file at the wrong place. I had: # doveadm user test00001 userdb lookup: user test00001 doesn't exist
And now: # doveadm user test00001 userdb: test00001 uid : 1001 gid : 1001
# dovecot reload #
I run the imaptest with user test00001, and I have the following lines in /var/log/mail.log: Dec 17 19:22:48 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=49371#011resp=<hidden> Dec 17 19:22:48 dovecot: auth: Debug: passwd-file(test00001,127.0.0.1): lookup: user=test00001 file=/mnt/dovecot/userlist.passwd Dec 17 19:22:48 dovecot: auth: passwd-file(test00001,127.0.0.1): Password mismatch Dec 17 19:22:48 dovecot: auth: Debug: pam(test00001,127.0.0.1): lookup service=dovecot Dec 17 19:22:48 dovecot: auth: Debug: pam(test00001,127.0.0.1): #1/1 style=1 msg=Password: Dec 17 19:22:50 dovecot: auth: pam(test00001,127.0.0.1): pam_authenticate() failed: Authentication failure (password mismatch?)
# doveadm auth test00001 <the password supplied in userlist.passwd for this user> passdb: test00001 auth succeeded extra fields: user=test00001
,--[ …/conf.d/10-logging.conf ]-- | # In case of password mismatches, log the passwords and used scheme so the | # problem can be debugged. Enabling this also enables auth_debug. | #auth_debug_passwords = no `--
Set auth_debug_passwords to yes, Dovecot will log the reason why authentication fails.
Regards, Pascal
The trapper recommends today: f007ba11.1035119@localdomain.org
On Fri, Dec 17, 2010 at 7:57 PM, Pascal Volk < user+dovecot@localhost.localdomain.orguser%2Bdovecot@localhost.localdomain.org
wrote:
On 12/17/2010 07:27 PM dmitri tchernov wrote:
# /usr/bin/doveconf userdb userdb { args = /mnt/dovecot/userlist.passwd driver = passwd-file }
Well spotted, an UTF-8 character was in the file at the wrong place. I
had:
# doveadm user test00001 userdb lookup: user test00001 doesn't exist
And now: # doveadm user test00001 userdb: test00001 uid : 1001 gid : 1001
# dovecot reload #
I run the imaptest with user test00001, and I have the following lines in /var/log/mail.log: Dec 17 19:22:48 dovecot: auth: Debug: client in:
Dec 17 19:22:48 dovecot: auth: Debug: passwd-file(test00001,127.0.0.1): lookup: user=test00001 file=/mnt/dovecot/userlist.passwd Dec 17 19:22:48 dovecot: auth: passwd-file(test00001,127.0.0.1): Password mismatch Dec 17 19:22:48 dovecot: auth: Debug: pam(test00001,127.0.0.1): lookup service=dovecot Dec 17 19:22:48 dovecot: auth: Debug: pam(test00001,127.0.0.1): #1/1
msg=Password: Dec 17 19:22:50 dovecot: auth: pam(test00001,127.0.0.1):
failed: Authentication failure (password mismatch?)
# doveadm auth test00001
AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=49371#011resp=<hidden> style=1 pam_authenticate() this
user> passdb: test00001 auth succeeded extra fields: user=test00001
,--[ …/conf.d/10-logging.conf ]-- | # In case of password mismatches, log the passwords and used scheme so the | # problem can be debugged. Enabling this also enables auth_debug. | #auth_debug_passwords = no `--
Set auth_debug_passwords to yes, Dovecot will log the reason why authentication fails.
Thank you very much for your patience, Pascal. It appeared that imaptest wanted a fixed password ("pass"), regardless of test00001's one. Thus, I set "pass" as the password in userlist.passwd for test00001, so that imaptest eventually stop complaining.
Regards, Pascal
The trapper recommends today: f007ba11.1035119@localdomain.org
On 12/18/2010 02:19 AM dmitri tchernov wrote:
Thank you very much for your patience, Pascal. It appeared that imaptest wanted a fixed password ("pass"), regardless of test00001's one. Thus, I set "pass" as the password in userlist.passwd for test00001, so that imaptest eventually stop complaining.
The user-password can be passed as commandline arg: imaptest … pass=SomeThing …
See also: http://imapwiki.org/ImapTest/Examples
Regards, Pascal
The trapper recommends today: c01dcofe.1035216@localdomain.org
participants (2)
-
dmitri tchernov
-
Pascal Volk