Displaying 20 results from an estimated 5000 matches similar to: "nologin in auth proto version 1.1"
2017 Jul 20
1
application specific passwords
Hi Kirill,
Thanks for your reply. Such a simple flat file approach would be
perfect, and I don't mind at all to require app specific usernames *and*
passwords.
However, I am unsure how to combine your recipe below with our regular
AD userdb/passdb.
Perhaps someone can give me some pointers in that direction?
MJ
On 07/20/2017 06:50 PM, Kirill Miazine wrote:
> I'm not familiar
2010 Jan 10
2
"leave mail on server" workaround
Hello,
POP users often keep fetched mail on server, by checking for "leave mail
on server" or similar option in their client.
What would be the best way to disallow them using such approach. That
is, what is the best way to force deletion of messages that have been
RETRieved in a POP session at the end of that POP session?
RETRieved messages will be marked as \Seen, but since users
2010 Jan 28
1
Dovecot 2.0 authentication will not work with Exim [patch]
Just a notice to those of you who use Dovecot authentication with Exim.
In Dovecot 2.0 authentication server will send a new keyword, COOKIE.
This will cause Exim to abort it's authentication request.
I submitted a bug and patch to Exim to fix this, the patch is here:
http://km.krot.org/code/exim-dovecot-1.1.diff
BR,
Kirill
2017 Sep 07
2
Strange SASL issue
2017-09-07 15:04 GMT+02:00 Sami Ketola <sami.ketola at dovecot.fi>:
>
> > On 7 Sep 2017, at 16.03, Antoine Nguyen <ngu.antoine at gmail.com> wrote:
> >
> > 2017-09-07 14:29 GMT+02:00 Aki Tuomi <aki.tuomi at dovecot.fi>:
> >
> >>
> >>
> >> On 07.09.2017 15:26, Antoine Nguyen wrote:
> >>> Hi all,
> >>>
2017 Jul 20
4
application specific passwords
Hi,
Further to the other thread about password guessing activities against
our dovecot, I would like to implement application specific passwords on
our dovecot.
Googling results in some documents, but they are all a bit older:
> https://www.happyassassin.net/2014/08/26/adding-application-specific-passwords-to-dovecot-when-using-system-user-accounts/
>
2004 Dec 03
2
master or client
Hello,
Dovecot auth protocol 1.0 defines differend command sets for client and
master.
How can a daemon distinguish a master connection from a client
connection? Clients do send CPID and master does not.
I have following auth configuration:
auth external {
socket connect {
master {
path = /var/state/dovecot/login/master-auth
}
}
}
I try to learn my authentication daemon to
2004 Dec 07
1
"correct" permissions for login dir
I'm in process of moving away from Cyrus to Dovecot. I have my own
authentication daemon working fine. It sets up two sockets:
drwxr-x--- 2 root dovecot 512 Dec 7 21:07 /var/state/dovecot/login
srw-rw-rw- 1 krot krot 0 Dec 7 21:07 /var/state/dovecot/login/sock
drwx------ 2 krot wheel 512 Dec 7 21:07 /var/state/dovecot/master
srw-rw-rw- 1 krot wheel 0 Dec 7 21:07
2014 Apr 18
1
doveadm auth and the "nologin" extra field
Hello,
Still busy with details...
Considering, as in my previous example, a password_query returning '!' or NULL for the "nologin" column, depending on an account's status (suspended or not).
Let's consider a suspended user "some.user".
In the case of a successful authentication, one has:
sh-3.2# doveadm auth test some.user goodpassword; echo $?
passdb:
2013 Jan 31
3
Userdb passwd and 'nologin' users
I am running Dovecot with system users (userdb passwd), but some of
those users don't have shell accounts on the IMAP server so their shell
on that machine is set to /usr/sbin/nologin. Currently I am using
maildirs and this is not a problem, but I am in the process of switching
to dbox which means I will need a cronjob running 'doveadm purge -A'.
During testing I found that those
2010 Jan 11
2
/etc/nologin must be world-readable which is not totally clear
hi, the man page for sshd(1) says about /etc/nologin: "The file
should be world-readable". However, nologin has no effect if it's not
readable by the connecting user:
if (pw->pw_uid)
f = fopen(_PATH_NOLOGIN, "r");
if (f) {
/* /etc/nologin exists. Print its contents and exit. */
...
...
return(254)
if root has a
2001 Jan 20
1
/etc/nologin and Solaris PAM bug
My apologies if this has already been discussed. I looked through the
mailing list archives and couldn't see any mention of this problem. I
compiled and installed openssh-2.3.0p1 on a sparc running SunOS 5.7, and
while I was testing it to make sure everything was working properly, I
noticed that when I used PAM to authenticate, rather than /bin/login, sshd
was not honoring /etc/nologin.
I
2009 Oct 14
1
pop3-login process
Hi,
I would like to know if the pop3-login process would be
create
more than one while a user connection is established.
http://wiki.dovecot.org/RunningDovecot
------------------------------------
imap-login and pop3-login processes handle new IMAP and
POP3 connections until user has logged in.
------------------------------------
I'm sorry to ask you this kind of question...
Regards,
2019 Jan 10
3
vsftpd rejects users set to nologin
On Thu, 10 Jan 2019 at 16:09, Kenneth Porter <shiva at sewingwitch.com> wrote:
> I updated to CentOS 7.6 and something must have changed in the base OS
> setup that prevents vsftpd from allowing logins for accounts with
> /sbin/nologin as their shell. I had to add that to /etc/shells so that
> such
> accounts could FTP again. That file is in the setup package. Did it
>
2007 Jan 22
2
nologin not working with openssh >= 4.3 and authentication != password
Hi developers,
today I tried to disable logins to an ssh server by putting a nologin
file into /etc. This only worked for logins that use the password
authentication mechanism. publickey-based authentications still
succeeded and the users were allowed into the system. This seems
straightforward to me since openssh 4.3 disabled the evaluation of
/etc/nologin in favour of pam_nologin but
2010 Jan 14
3
LDA and POP3/IMAP user_query
How do I get IMAP+POP3 vs. LDA to use different user_query statements?
The problem is that the input fields are different.
IMAP/POP3 is an email address
LDA is a username
I have written a long statement to try and cater for both however it still
only works 99% of the time, and the remaining 1% fails. The 1% that fails
sees the mail being delivered to the wrong mbox. In this particular case
2013 Jan 23
3
dovecot 2.1.13, proxy and nologin extras field
Hi at all,
in our test environment, I'm playing with dovecot 2.1.13 configured as
imap/pop/managesieve proxy. It is configured to authenticate users with
ldap and it works very well.
Now, I'd like to temporary disable some users's login, because we are
moving to another storage, and I wouldn't stop imap service at all.
I've found on Dovecot wiki that I could use
2017 Jul 20
0
application specific passwords
Hi, mj
* mj [2017-07-20 13:29]:
> Hi,
>
> Further to the other thread about password guessing activities against our
> dovecot, I would like to implement application specific passwords on our
> dovecot.
[...]
>
> Is there anone here with some additional notes, ideas, tips, trics on
> setting up application specific passwords with dovecot with virtual users?
> We are
2005 May 25
5
[Bug 1045] Missing option for ignoring the /etc/nologin file
http://bugzilla.mindrot.org/show_bug.cgi?id=1045
Summary: Missing option for ignoring the /etc/nologin file
Product: Portable OpenSSH
Version: 4.0p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
2000 Aug 01
1
RSA authentication bypassing /etc/nologin
Hello everyone,
I noticed recently that when I had /etc/nologin in place on my
server I couldn't log in when I authenticated via passwords, but when I used
RSA authentication I was able to log in no problem. I looked through the
source, and I think I might see where the problem is. I have a Linux system,
so sshd was compiled with PAM support. Using normal authentication, the
pam_nologin
2016 Nov 21
4
nologin + reason -> logging reason
Hi.
I'm using nologin with own reason [1]. That works fine. For example pop3
client gets nice message like "-ERR [AUTH] Account is locked. Please contact
support."
Unfortunately maillog lacks information details about why user was not allowed
to log in.
pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<testuser>,
method=LOGIN, rip=1.1.1.1, lip=2.2.2.2,