[Dovecot] OTP?

Micah Cowan micah at cowan.name
Wed Feb 7 00:12:02 UTC 2007


I was wondering where I might find more information about using OTP as 
an authentication protocol with dovecot. In searching, I found a thread 
from 2004, but not much information about how it has progressed from 
then. I also saw some promising patches from mid-last year, which if I 
had to guess are probably the addition of support for the SASL OTP 
mechanism. Is this available in a release yet? (And, also: does anyone 
know of Linux mail clients that support the OTP SASL mechanism? I'm 
hoping Thunderbird might...).

If not, is it possible to make it work currently with PAM (or, if that's 
not possible, maybe Cyrus SASL)? It would be okay with me if it can work 
with PAM but not prompt with the seed/series number: I can scratch off 
keys no prob.

I tried briefly to get it to work through PAM, and in fact opieinfo told 
me that the series was being decremented, but auth.log gives

Feb  6 15:41:46 mabruk dovecot-auth: (pam_unix) authentication failure; 
logname= uid=0 euid=0 tty= ruser= rhost=x.x.x.x  user=micah

ssh works fine with the same PAM settings (both include common-auth, 
which has:)

auth    sufficient      pam_opie.so
auth    sufficient      pam_unix.so nullok_secure
auth    required        pam_deny.so

Micah J. Cowan
Programmer, musician, typesetting enthusiast, gamer...

More information about the dovecot mailing list