Re: troubles with cyradm
Hi! > # cat /etc/imapd.conf Without encryption plain text mechanisms are not allowed until allowplaintext: yes is set. > # cyradm --user=cyrus --server=localhost --auth=plain Try # cyradm -u cyrus -a cram-md5 localhost for a non plain text (shared secret) mechanism. Marc Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: troubles with cyradm
On Sat, 2008-10-11 at 01:29 -0400, brian ally wrote: > Fedora 8 > # rpm -qa | grep cyrus > cyrus-sasl-lib-2.1.22-8.fc8 > cyrus-sasl-plain-2.1.22-8.fc8 > cyrus-imapd-utils-2.3.11-1.fc8 > cyrus-sasl-devel-2.1.22-8.fc8 > cyrus-sasl-2.1.22-8.fc8 > cyrus-sasl-md5-2.1.22-8.fc8 > cyrus-imapd-perl-2.3.11-1.fc8 > cyrus-imapd-2.3.11-1.fc8 > > # cat /etc/imapd.conf > configdirectory: /var/lib/imap > partition-default: /var/spool/imap > admins: cyrus > sievedir: /var/lib/imap/sieve > sendmail: /usr/sbin/sendmail > hashimapspool: true > sasl_pwcheck_method: auxprop > sasl_auxprop_plugin: sasldb2 > sasldb_path: /etc/sasldb2 > sasl_mech_list: PLAIN LOGIN DIGEST-MD5 CRAM-MD5 > tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem > tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem > tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt > > # cat /usr/lib/sasl2/smtpd.conf > pwcheck_method: auxprop > mech_list: PLAIN LOGIN DIGEST-MD5 CRAM-MD5 > > I'm going around in circles here trying to figure out how to > authenticate with cyradm. I'd like to use sasldb and so have created > an entry there for the cyrus user. And I've disabled saslauthd. > Whatever I've tried so far has failed. And, frankly, I'm very confused > about how this is supposed to work. For instance, some info I've found > online tells me to create an entry in /etc/paswd for the cyrus user, > while other sources don't mention that. > > So, for the following, PASS1 is what i have in /etc/passwd and PASS2 > was given to saslpasswd2 -c cyrus > > -- snip -- > # cyradm --user=cyrus --server=localhost --auth=plain > verify error:num=18:self signed certificate > Password: PASS1 > IMAP Password: PASS2 > Login failed: authentication failure > at > /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm > line 119 > cyradm: cannot authenticate to server with plain as cyrus > -- snip -- > > /var/log/messages says: > perl: No worthy mechs found > > From what I understand google is telling me, the "verify error" line > can be ignored for now. If not, stop me now. > > I try LOGIN: > > -- snip -- > # cyradm --user=cyrus --server=localhost --auth=login > verify error:num=18:self signed certificate > IMAP Password: PASS2 > Login failed: authentication failure > at > /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm > line 119 > cyradm: cannot authenticate to server with login as cyrus > -- snip -- > > This time, there's no entry in /var/log/messages > > I came across this while searching and thought I'd give it a try: > > cyradm --user=cyrus --tls localhost > cyradm> > > This time, no password prompt (contrary to the example I saw) and I > appear to be in. However, if I try any commands it complains that > there's no connection: > > cyradm> cm [EMAIL PROTECTED] > createmailbox: no connection to server > > Long story short: how the heck should I be connecting to cyradm if I'm > using sasldb2? What's this, "No worthy mechs " about? Is there yet > another config file to adjust? > > Sorry for the long post. I've scrolled through so many things online > but most of the examples are just a little bit different from my setup > (eg. LDAP, MySQL, etc.) and so wanted to try to spell it out as > clearly as possible. > > Of course, if I've left out any crucial information ... start slowly... /etc/imapd.conf sasl_mech_list: PLAIN and are you sure you want to use sasldb? If so, you would have to add each user/password (including cyrus) to that db. also, what's in /etc/sysconfig/saslauthd and is saslauthd service running? Craig Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
troubles with cyradm
Fedora 8 # rpm -qa | grep cyrus cyrus-sasl-lib-2.1.22-8.fc8 cyrus-sasl-plain-2.1.22-8.fc8 cyrus-imapd-utils-2.3.11-1.fc8 cyrus-sasl-devel-2.1.22-8.fc8 cyrus-sasl-2.1.22-8.fc8 cyrus-sasl-md5-2.1.22-8.fc8 cyrus-imapd-perl-2.3.11-1.fc8 cyrus-imapd-2.3.11-1.fc8 # cat /etc/imapd.conf configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: auxprop sasl_auxprop_plugin: sasldb2 sasldb_path: /etc/sasldb2 sasl_mech_list: PLAIN LOGIN DIGEST-MD5 CRAM-MD5 tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt # cat /usr/lib/sasl2/smtpd.conf pwcheck_method: auxprop mech_list: PLAIN LOGIN DIGEST-MD5 CRAM-MD5 I'm going around in circles here trying to figure out how to authenticate with cyradm. I'd like to use sasldb and so have created an entry there for the cyrus user. And I've disabled saslauthd. Whatever I've tried so far has failed. And, frankly, I'm very confused about how this is supposed to work. For instance, some info I've found online tells me to create an entry in /etc/paswd for the cyrus user, while other sources don't mention that. So, for the following, PASS1 is what i have in /etc/passwd and PASS2 was given to saslpasswd2 -c cyrus -- snip -- # cyradm --user=cyrus --server=localhost --auth=plain verify error:num=18:self signed certificate Password: PASS1 IMAP Password: PASS2 Login failed: authentication failure at /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 119 cyradm: cannot authenticate to server with plain as cyrus -- snip -- /var/log/messages says: perl: No worthy mechs found >From what I understand google is telling me, the "verify error" line can be ignored for now. If not, stop me now. I try LOGIN: -- snip -- # cyradm --user=cyrus --server=localhost --auth=login verify error:num=18:self signed certificate IMAP Password: PASS2 Login failed: authentication failure at /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 119 cyradm: cannot authenticate to server with login as cyrus -- snip -- This time, there's no entry in /var/log/messages I came across this while searching and thought I'd give it a try: cyradm --user=cyrus --tls localhost cyradm> This time, no password prompt (contrary to the example I saw) and I appear to be in. However, if I try any commands it complains that there's no connection: cyradm> cm [EMAIL PROTECTED] createmailbox: no connection to server Long story short: how the heck should I be connecting to cyradm if I'm using sasldb2? What's this, "No worthy mechs " about? Is there yet another config file to adjust? Sorry for the long post. I've scrolled through so many things online but most of the examples are just a little bit different from my setup (eg. LDAP, MySQL, etc.) and so wanted to try to spell it out as clearly as possible. Of course, if I've left out any crucial information ... Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
