[Dovecot] Disable IMAP for ONE user only
Professa Dementia
professa at dementianati.com
Mon May 5 23:06:53 UTC 2014
On 5/5/2014 3:30 PM, Benjamin Podszun wrote:
> On Monday, May 5, 2014 11:49:52 PM CEST, SIW wrote:
>> I'm beginning to wonder if I am going about this all wrong :-)
>
> No offense: I'm thinking the same thing. ;-)
>
>> Would it not be easier/better to leave all IMAP/SMTP access in place
>> (for all users) and then just use "one time throw away passwords" for
>> logging in from an internet cafe with Roundcube?
Have you considered Yubikey?
https://www.yubico.com/products/yubikey-hardware/yubikey/
The USB device looks like a keyboard when plugged in. Plug it in, type
in your login, highlight the password field, then press the button on
the Yubikey. It "types" in the OTP. Click the login button.
It run on many OS's, including Linux where it interfaces with PAM. A
simple PAM config change installs it.
https://www.yubico.com/applications/computer-login/linux/
You can even (and I do recommend that you) use it with two factor, so
you enter a normal password, plus the OTP (something that you know, plus
something that you have). This would take a small change to Roundcube,
which is beyond scope for this list.
Dem
More information about the dovecot
mailing list