Here's a question that I havn't seen on the list. I have Cyrus IMAP 2.0.16 installed, and running great for us here. All of the users use Pine from local machines, and would like to not have to type their password to get their mail from the server. Also, I want to implement one-time passwords for users travelling abroad, and since the connection would be unencrypted I don't want them to type the password to read mail. Is there a way to carry some sort of authentication from the local machines to the server? Many users use OpenSSH authentication agents (and if that's the best way to go, I have no problem enforcing it), so there's one possibility.
Currently authentication is done with passwd, since I couldn't get PAM and NIS to play well with each other, so adding "+::::::/bin/false" to /etc/passwd got it working fine. Though we'll hopefully be moving to LDAP soon for other reasons anyway. I would imagine the best solutions would be some way for the server to know that the remote user is authenticated already, and not require a password. Pine wants to do this by using rsh to the mail server, and running /etc/rimapd, but since user logins are disabled on the server I disabled rsh in Pine. Could ssh be used for this? What about Kerberos (which I'd have to learn about before implementing, but there's other users who have requested a few Kerberized services anyway)? Any help would be appreciated. Thanks. -- Steve Huston - System Administrator, Dept. of Astrophysical Sciences Princeton University | ICBM Address: 40.346525 -74.651285 126 Peyton Hall |"On my ship, the Rocinante, wheeling through Princeton, NJ 08544 | the galaxies; headed for the heart of Cygnus, (609) 258-7375 | headlong into mystery." -Rush, 'Cygnus X-1'
