chirs charter wrote:
> So run the following then:
>
> openssl rsa -in file.key -out newfile.key
>
That's right.
> Does this pose a potential security threat though?
It depends. If someone gets access to your key then they can pretend to be
you. If you keep your key secure then you'll be fine. I'm no crypto expert,
but I think it's reasonably standard for server keys to have no password,
since many servers need to start up without interactive input.
> Also do I need inetd running ? Many of the HOW TOs
> mention the presence of inetd but I am under the
> impression that this is what the 'master' program's
> responsibility is.
No you don't need inetd for IMAPd. Check /etc/inetd.conf to see whether
there's any other services there that you need before you kill it though. If
you don't kill inetd at least remove imap related entries from
/etc/inetd.conf.
> I have noticed though if I kill
> inetd I get the following which seems a bit spartan
> no?
>
> catfish# ps -ef | grep inetd
> root 1627 1 0 21:30:54 ? 0:00
> /usr/sbin/inetd -s
> catfish# kill 1627
> catfish# telnet localhost 993
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
>
A bit spartan... You'd need a very advanced mail client to display your mail
with so little to go on... although it _is_ very secure ;-)
Make sure that /etc/cyrus.conf looks a bit like:
----
START {
# do not delete these entries!
mboxlist cmd="ctl_mboxlist -r"
deliver cmd="ctl_deliver -r"
}
# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=0
imaps cmd="imapd -s" listen="imaps" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
pop3s cmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
}
EVENTS {
# this is required
checkpoint cmd="ctl_mboxlist -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="ctl_deliver -E 3" period=1440
}
----
Then when you start /usr/cyrus/bin/master it will be able to fork off imapd
processes as required.