Re: Can't successfully test credentials I just created

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello, Dan, and other SASL experts.

A quick update: I have decided to try using SASL's PAM mechanism, since that's what seems to be setup by default.

So, I rebuild my system from scratch (it's just a Xen VM, after all), and installed all cyrus-sasl RPMs:
==================================
cyrus-sasl-ldap-2.1.22-4
cyrus-sasl-devel-2.1.22-4
cyrus-sasl-plain-2.1.22-4
cyrus-sasl-ntlm-2.1.22-4
cyrus-sasl-sql-2.1.22-4
cyrus-sasl-plain-2.1.22-4
cyrus-sasl-ntlm-2.1.22-4
cyrus-sasl-ldap-2.1.22-4
cyrus-sasl-lib-2.1.22-4
cyrus-sasl-2.1.22-4
cyrus-sasl-lib-2.1.22-4
cyrus-sasl-sql-2.1.22-4
cyrus-sasl-gssapi-2.1.22-4
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-devel-2.1.22-4
cyrus-sasl-2.1.22-4
cyrus-sasl-md5-2.1.22-4
cyrus-sasl-gssapi-2.1.22-4
==================================

When I start up SASL with "service saslauthd start", here's what's running:
==================================
[root@emailrelay ~]# ps auxwww | grep sasl
root 4828 0.0 0.3 46648 804 ? Ss 16:10 0:00 /usr/ sbin/saslauthd -m /var/run/saslauthd -a pam
==================================
It's using PAM, right? It should work with any shell account I create, right?

So, I create a regular Unix shell account, set the password to '1234', and verify that I can login as the user in question.
==================================
ann@some-other-host:~> ssh relay@xxxxxxxxxxxxxxxxxxxxxxx
relay@xxxxxxxxxxxxxxxxxxxxxxx's password:  [ here I type '1234' ]
  Last login: Mon Nov 17 16:06:15 2008 from xxx.xxx.xxx.xxx
[relay@emailrelay ~]$
==================================
OK, shell login works. Later, if I can get this working, I will set the shell to "/sbin/nologin".


Now, at this point, SASL should authenticate against these credentials with no problem, right? So, why won't this work?
==================================
[root@emailrelay ~]# testsaslauthd -u relay -p 1234
0: NO "authentication failed"
==================================
   and from /var/log/messages...
==================================
Nov 17 16:47:49 emailrelay saslauthd[4831]: do_auth : auth failure: [user=relay] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
==================================

OK, now I'm really baffled. Is the testsaslauthd broken? Am I using it incorrectly? What does the [service=imap] mean?

This use case seem dead simple, but is not working.   :(

Thanks for any insights,
- Ann




[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux