* Guido G?nther ([EMAIL PROTECTED]) wrote: > On Sun, Mar 09, 2008 at 08:32:47PM -0500, John Goerzen wrote: > > Thanks much! Applied this to my git tree. Are there any new config file > > options or any considerations to be documented? (I didn't see any in my > > quick glance at it, but I always thought Kerberos would need some of that > > stuff.) > For gssapi you specifiy a remotehost, a remoteuser but no remotepass. > If the user has a valid Kerberos TGT offlineimap will figure out the > rest all by itself - and fall back to password authentication if needed.
I mentioned this patch on #debian-devel and Steve Langesek was quite interested in the patch, but he wanted a configuration knob to fail if gssapi didn't work, instead of trying regular password authentication. He also wished that the communication after a successful gssapi auth continued to be encrypted with kerebos ticket rather than stay plaintext. I don't think either one of these requests should block the existing patch, but they would be interesting additions in the future. -- Eric Dorland <[EMAIL PROTECTED]> ICQ: #61138586, Jabber: [EMAIL PROTECTED]
signature.asc
Description: Digital signature
