Re: Debian sarge + sendmail + sasl2 + auth login problem
On Fri, 10 Jun 2005, Tim Warnock wrote:
Ive installed the new version of sendmail then sasl2-bin and
libsasl2-modules. Sasl and libsasl and all associated modules
(libsasl-modules-plain?) were already installed.
Good, you're pretty much there
Saslauthd is starting fine after editing /etc/default/saslauthd and its
set to use pam as a mechanism.
Good
Unfortunately, there is no automagic way to migrate to /etc/sasldb2 :(
That bites... if you do `sasldblistusers`, you'll probably find lots
of users, but `sasldblistusers2` will likely have no entries :(
The SASL folks didn't provide a tool to automagically migrate sasldb -
ok, actually they did; if you used gdbm, but Debian didn't... So, you
need to make sure PAM is actually used for the plaintext authentication.
250-AUTH DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
Ok, at least 90% there...
If anyone can see anything I missed or need to add I'd appreciate the
help.
what is in /etc/mail/sasl/Sendmail.conf.2 ?
I have the following:
auto_transition: true
pwcheck_method: auxprop saslauthd
auxprop_plugin: sasldb
allowanonymouslogin: 0
allowplaintext: 1
mech_list: EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
That setup will allow SASL to convert and answer the encrypted
passwords, and fall-back to PAM for plain/login.
--
Rick Nelson
<Midgar> From all the sterotypes about Aussies, I figure you guys are
really tough.
<Midgar> ;p
<krusto> we'll throw koala's at you
Reply to: