On 09/20/19 12:19 -0700, Dave Close wrote:
# testsaslauthd -u cyrus -p YOUR-PASSWORD
0: OK "Success."
# imtest -t "" -u cyrus -a cyrus localhost
AUTH=SCRAM-SHA-1 AUTH=SCRAM-SHA-256
AUTH=GSSAPI AUTH=GSS-SPNEGO AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN
AUTH=PLAIN SASL-IR]
C: A01 AUTHENTICATE SCRAM-SHA-1
<cut>
S: A01 NO generic failure
Authentication failed. generic failure
/etc/imap.conf is the default from the Fedora RPM. It contains this
line:
sasl_pwcheck_method: saslauthd
Hi Dave,
The sasl_pwcheck_method configuration directs libsasl how to authenticate
plaintext mechanisms (plain/login). The scram-sha-1 mechanism does not use
saslauthd and will instead make use of your configured auxprop plugin(s) to
authenticate.
With default configuration, libsasl will reference your sasldb database,
which is configured using the saslpasswd2 utility.
If you wish to only use saslauthd, to authenticate against pam for
instance, then restrict the mechanisms offered by the server with:
sasl_mech_list: PLAIN LOGIN
