Rosenbaum, Larry M. wrote:
Is there a way to get cyradm to use TLS (or STARTTLS) when connecting to
the server? We are planning to authenticate with /etc/shadow using
saslauthd, and use TLS to avoid putting plaintext passwords on the wire.
However, I have found out that specifying
allowplaintext: 0
prevents us from using cyradm.
First of all, I'm not aware of TLS support in Cyrus, only SSL. I could
be wrong, though.
You can use some of the SSL tunnels, I believe that "openssl" command
offers such a tunnel, see man pages.
On the other hand, you can surely use DIGEST-MD5 mechanism, but then you
must store user/pass in SASL-DB.
Nix.
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
