On Tue, 2002-05-21 at 06:35, Bradley Glonka wrote:
> define(`confAUTH_OPTIONS', `A')dnl
> TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> 
> This works just fine and authenticates a user against a system account.
> 
> Can anyone confirm this is sent via plain text?  I'm pretty sure it is.
> Assuming it is how can SASL support some kind of encryption?  Or how can
> I make itauthenticate against /etc/sasldb

IIRC, LOGIN and PLAIN are plain-text and should not be used.  If you
remove them, and advertise only DIGEST-MD5 and CRAM-MD5, clients should
use them.




_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to