Re: imap with fetchmail-ssl?
On Sat, Dec 14, 2002 at 02:22:31PM -0500, Nori Heikkinen wrote:
> all of a sudden i need to be using secure fetchmail, which i should
> have been to begin with, but didn't really realize i wasn't. i
> apt-got fetchmail-ssl, and changed the POP3 line to IMAP in my
> .fetchmailrc but can't retrieve mail from my server at all. any tips
> or places on where the FM is to R?
This isn't direct help for your problem, but if you have shell access to
the server then I recommend using an ssh tunnel. The relevant fragment
of my .fetchmailrc is:
poll mccoy.flatline.org.uk with proto IMAP
plugin "ssh -2 -i /home/cjwatson/.ssh/id-imapd-flatline mccoy /usr/sbin/imapd" with auth ssh
user 'cjw44' there is 'cjwatson' here
options fetchall fetchlimit 40
~/.ssh/id-imapd-flatline is an SSH key generated with 'ssh-keygen -t rsa
-N "" -f id-imapd-flatline'. At the remote end I have the public key in
~/.ssh/authorized_keys prefixed by
'command="/usr/sbin/imapd",no-pty,no-port-forwarding'. This renders that
key a passphraseless single-purpose key that can only be used to run
imapd on the remote machine. The passphraselessness means that it can be
used non-interactively by the scripts that pick up my mail.
The main reason I switched to this technique was to remove one more
cleartext password from my dotfiles. You might find it useful, though.
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: