Hi, thanks for tip. I've rebuilded pwdfile from src and installed it. File /etc/pam.d/imap is : #%PAM-1.0 auth include common-auth auth sufficient pam_pwdfile.so pwdfile /var/spool/imap/imaps_users account include common-account password include common-password session include common-session By htpasswd2 added user to that file. But :Jul 21 20:51:56 celer imaps[32486]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new) no authentication
Jul 21 20:52:00 celer pam_pwdfile[32382]: wrong password for user uzivatelJul 21 20:52:00 celer imaps[32486]: login: gprs10.vodafone.cz [217.77.165.57] uzivatel plaintext+TLS User logged in
Seems like user in the file is known, but because it is a different password from the system (classic linux passwd user or NIS users/passwds), this is refused and used system user's password. What am I doing wrong ? :-/.
All this procedure is because users has weak passwords, so we let them in the company (using only IMAP), but if anybody want to has IMAPS from outside of company (from home, etc...) we force him to create strong password and let IMAPS authorize by this file. And it is not allowed to use anyone else authorization from IMAPS... Quuestion - is this possible at all ? :)
Thanks. J.K. Cituji Syren Baran <sb@xxxxxxxxxxxxx>:
Am Mittwoch, den 21.07.2010, 09:47 +0200 schrieb Josef Karliak:Hi everybody, we need to use another acounts (from extra file) for authorization for IMAPS (from outside of company). IMAP stays authorized over saslauthd (pam). How to solve this ? I'm out of the ideas :-/.Try libpam-pwdfile. Using this here on a debian box. Does exactly what you want ;) Just add a line like auth sufficient pam_pwdfile.so pwdfile /path/to/file to /etc/pam.d/imap The file can be created simply enough (e.g. htpasswd). Greetings, Syren Baran +++++++++++++++++++++++++++++++++++++++++++ Niederlassung Deutschland: BIT-HOUSE Ltd. internet professionals Erthalstr. 17 63739 Aschaffenburg Deutschland Amtsgericht: Aschaffenburg HRB-Nr.: 9136 St/Nr.: 204/104/60603 USt-Id-Nr.: DE814408164 Gechäftsführer: Thomas Witzel +++++++++++++++++++++++++++++++++++++++++++ Telefon: +49.6021.8622-680 VoIP: +49.6021.8622-680 Fax: +49.6021.8622-676 E-Mail: mail@xxxxxxxxxxxxx Homepage: www.bit-house.com +++++++++++++++++++++++++++++++++++++++++++ Hauptsitz: BIT-HOUSE Ltd. 69 Great Hampton Street Birmingham West Midlands United Kingdom Registergericht: Companies House of Cardiff Registernummer: 05325636 Registereintrag: United Kingdom Director: Thomas Witzel +++++++++++++++++++++++++++++++++++++++++++
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Attachment:
binV8DLNF5Cvq.bin
Description: =?iso-8859-2?b?VmX4ZWpu/Q==?= PGP =?iso-8859-2?b?a2zt6A==?=
---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
