Mailing List Archive

Cyrus SASL
Has anybody an idea, to get SASL to work with encrypted passwords in the
database?
I used Cyrus SASL and it seems to be impossible.
--
View this message in context: http://old.nabble.com/Cyrus-SASL-tp33763416p33763416.html
Sent from the dbmail users mailing list archive at Nabble.com.

_______________________________________________
DBmail mailing list
DBmail@dbmail.org
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
Re: Cyrus SASL [ In reply to ]
> Has anybody an idea, to get SASL to work with encrypted passwords in
> the database?
> I used Cyrus SASL and it seems to be impossible.

That is SASL related not DBMail, anyway I think not, you must have clear
text passwd's in the DB for that,

_______________________________________________
DBmail mailing list
DBmail@dbmail.org
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
Re: Cyrus SASL [ In reply to ]
Am 03.05.2012 16:22, schrieb cl445:
> Has anybody an idea, to get SASL to work with encrypted passwords in the
> database?
> I used Cyrus SASL and it seems to be impossible

it is technically not possible doing CRAM-MD5 without
acess to the unencrypted passwords - keep in mind that
the different aut mechs are hashing the password in
different ways on client and server
Re: Cyrus SASL [ In reply to ]
Okay, so the problem is, that SASL needs to encrypt the password for its
own and because of that i'm forced to store the passwords unencrypted?

Am 03.05.2012 16:24, schrieb Reindl Harald:
>
> Am 03.05.2012 16:22, schrieb cl445:
>> Has anybody an idea, to get SASL to work with encrypted passwords in the
>> database?
>> I used Cyrus SASL and it seems to be impossible
> it is technically not possible doing CRAM-MD5 without
> acess to the unencrypted passwords - keep in mind that
> the different aut mechs are hashing the password in
> different ways on client and server
>
>
>
>
>
>
> _______________________________________________
> DBmail mailing list
> DBmail@dbmail.org
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
Re: Cyrus SASL [ In reply to ]
AFAIK yes

Am 03.05.2012 16:58, schrieb Claas Kähler:
> Okay, so the problem is, that SASL needs to encrypt the password for its own and because of that i'm forced to
> store the passwords unencrypted?
>
> Am 03.05.2012 16:24, schrieb Reindl Harald:
>>
>> Am 03.05.2012 16:22, schrieb cl445:
>>> Has anybody an idea, to get SASL to work with encrypted passwords in the
>>> database?
>>> I used Cyrus SASL and it seems to be impossible
>> it is technically not possible doing CRAM-MD5 without
>> acess to the unencrypted passwords - keep in mind that
>> the different aut mechs are hashing the password in
>> different ways on client and server