On Monday 20 May 2002 03:28 pm, Stephen Lee wrote: > On Mon, 2002-05-20 at 10:13, David Douthitt wrote: > > Maybe I should try stunnel - I just fumbled my way through using > > cyrus-sasl to generate some sort of *.pem file. Now if I only knew for > > sure if cyrus-imap was using it.... > > You could always rename the pem file and see if it complains. Could you > not use imaps instead of tunneling? The Courier imap and pop package > does all of this encryption stuff effortlessly.
Actually, the *.pem file was used, but an error generated: May 20 13:54:47 lena imapd[80986]: TLS engine: cannot load CA data May 20 13:54:47 lena imapd[80986]: error initializing TLS: [CA_file: ] [CA_path: ] [cert_file: /var/imap/server.pem] [key_file: /var/imap/server.pem] The file: -rw-r--r-- 1 root wheel 1655 May 20 01:02 server.pem I realize its owned by root:wheel, but it is still world-readable (bad?) - I don't know what permissions to give it. > > Perhaps. I've just done an IMAP connection over a different SSH tunnel, > > and it works - and its one FreeBSD host (lets say, host3) to the same > > IMAP server host. No PPP link, but that shouldn't matter I think... > > Maybe defaultroute or proxyarp settings in ppp need adjustments? PPP works fine - I can go to any host I like - but the SSH tunnel fails. Remember too, that the endpoints of the PPP link and the endpoints of the SSH tunnel are four different hosts entirely. The PPP link is just one of the hops along the way that the SSH tunnel takes. _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html