John Colton wrote: > > Hi, > > I just built and installed cyrus-imapd-2.1.11 and cyrus-sasl-2.1.10 under > RedHat 6.2 (yeah, I should upgrade). I've got some basic newbie questions: > * What auth mechs do NOT store plaintext passwords in sasldb2?
OTP and SRP (if configured with --enable-srp-setpass). But userPassword will always be set IIRC. > * I understand how to test different auth mechs with 'imtest -m <mech>' but > how do I configure imapd to use a specific mech? Well, the client picks from what the server offers. You can set what the server offers either by only installing those mechs that you want, or use the sasl_mech_list option. Also note that the only way to disable the IMAP LOGIN command is to specify allowplaintext:0, but that only disables it when not protected by a security layer (SSL/TLS). Ken -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
