similar to: Samba with LDAP Authentication

I?m using dovecot to provide encrypted IMAP e-mail support for remote clients and it?s working great. However, I also need to set up a webmail front-end (Roundcube), which I?m hoping to have use unencrypted IMAP on port 143 (as only port 993 is available externally). The problem I?m running into is that I want to require client certificate authentication on port 993, but dovecot is apparently

Am 6. Dezember 2014 13:10:58 MEZ, schrieb Reindl Harald <h.reindl at thelounge.net>: > >Am 06.12.2014 um 06:56 schrieb Jan Wide?: >> If you add disable_plaintext_auth=yes ssl=required settings, then >> dovecot will drop authentication without STARTTLS. But damage will be >> done, client will send unencrypted (or in this scenario MD5 or SHA512 >> hash)

On 12/06/2014 02:35 AM, Nick Edwards wrote: > On 12/5/14, ML mail <mlnospam at yahoo.com> wrote: >> Hello, >> >> I am wondering which variant is more secure for user authentication and >> password scheme. Basically I am looking at both variants: >> >> 1) MD5-CRYPT password scheme storage with CRAM-MD5 auth mechanism >> 2) SHA512-CRYPT password

> Are you 100% sure your interpretation of the FCC rules is correct? Yes > Do you really want passwords going out over RF unencrypted? No. I don't plan to use plaintext auth methods. > As far as I know, only ham bands are not allowed to use encryption. Even > baby monitors these days are DECT. (Mind you, not good encryption.) Correct. It is ham radio. Michael

Hello All, I have samba version 3.3.2 installed on a system running Ubuntu Server 9.04 (32-bit). The users trying to mount the samba shares authenticate over the LDAP server. Here is how my configuration files look like, 1. /etc/samba/smb.conf [global] server string = %h server (Samba, Ubuntu) map to guest = Bad User obey pam restrictions = Yes pam password change = Yes passwd program

Hello, I was wondering if there is an easy way to authenticate users through ldap, or pam (which uses ldap). In our current setup samba uses tdbsam. I would like users to be authenticated to our existing ldap server (slapd on debian etch). So that if the user has been authenticated successfully (s)he can access the directories as configured in smb.conf (/home/username, /public etc.) with the

On 9/17/19 5:35 PM, Richard W.M. Jones wrote: > Test both the TLS enabled and fallback paths. > > nbd-server doesn't appear to support TLS at all, and qemu-nbd is known > not to allow fallback to unencrypted, and therefore it only makes > sense to test nbdkit at the moment. > --- > .gitignore | 4 ++++ > +interop_nbdkit_tls_certs_allow_enabled_SOURCES =

rje writes: > I'm looking into ways to encrypt the stored email on my server. The idea is > to make it impossible for my hosting provider (who has access to my VPS) to > read the mail from the disk. Just to be clear, if at any point your VPS has access to the plaintext mail (or keys that decrypt mail), then the VPS provider could access your decrypted mail. To make it unfeasible

> Technically creating and encrypting folder key does not > require decrypting user's private key. All folder keys > are encrypted with user's public key. Problem is for that this is a new user. The new user has no private key. I need for generating that private key. It do not the sense encrypts something using a key public if there is no private key. Both key public and private

On Fri, Sep 04, 2015 at 12:05:56PM +1200, Andrew Bartlett wrote: > On Wed, 2015-08-12 at 06:18 -0700, John Hixson wrote: > > Hi, > > > > I am in a position where I would like to have LDAP authentication for > > CIFS shares, but cannot modify the LDAP server. The LDAP server is > > Open > > Directory and does not have the Samba schema included or configured.

Hello All, I have samba (Version 3.4.7) installed on a Ubuntu Server 10.04 (64-bit) using apt. I'm attempting to authenticate users connecting to the samba share over LDAP following the documentation https://help.ubuntu.com/10.04/serverguide/C/samba-ldap.html, but the authentication over LDAP fails. The OpenLDAP server was already configured to include the samba.schema, so i have skipped all

Mandi! Rowland Penny via samba In chel di` si favelave... > I would undo that, it appears to be wrong. OK, i've undo also i. > I have tested this on a Ubuntu 22.04 computer and it works, so I have > updated the wiki page: > https://wiki.samba.org/index.php/PAM_Offline_Authentication Apparently works as expected: root at dane:~# wbinfo -K gaio Enter gaio's password:

I have an old Samba network that uses unencrypted passwords. At the time, the posts were running win95. These days they are running win98 for the most part, but introducing new machines onto the network means fiddling with the EnablePlainTextPassword registry key. So currently, all the machines use plain-text passwords. I want to modify them all to use encrypted passwords. Naturally, I want to do

Hi! I am currently publishing some web services on a Centos 5.3 server on my office using the included apache httpd. They are available from the Internet, and they require validation (username/password). I would like to publish them all under https, so the passwords won't travel unencrypted, but then all my sites use the same certificate on apache httpd. The solution to this is using an

Hello, I'm running dovecot 1.0-0_12.beta8. Since I have only a very small number of user on that server, I have their names and password in text files, no databases. imap works both via webmail and via Kmail Is it possible to have, for the same user, a plain unencrypted password when connecting via imap on the local interface (needed, as I understand it, to be squirrelmail compatible) and a

Hi, I am in a position where I would like to have LDAP authentication for CIFS shares, but cannot modify the LDAP server. The LDAP server is Open Directory and does not have the Samba schema included or configured. I only have read only access, a keytab, and possibly a read only bind user. Is this possible? I have attempted to get this working in various ways. I tried enabling plaintext auth and

Hi, I'm just in the middle of setting up dovecot to serve IMAPS -- Actually I've finished apart from one thing: CRAM-MD5 passwords. I'm using SQL as a backend for the password storage, and I don't want to store the passwords in plaintext. I've also configured dovecot to be rather restrictive when it comes to authentication methods (only CRAM-MD5 is allowed). To generate the

Hi, we have following situation: I migrated our company mailserver from POP3 only to dovecot with IMAP and POP. We need to have unencrypted POP3 from our internal network, and the subnet our mailserver is in. Additionally, we now want to allow encrypted IMAP from the internet (for some defined accounts), preferably with TLS (which means I open Port 143 in our firewall). Now, how can I

Aki really thanks for reply,, I hope for continue the conversation, >> Do you have advice about Dovecot plugins for mail encryption: >> >> https://wiki2.dovecot.org/Plugins/MailCrypt >> https://0xacab.org/riseuplabs/trees >> >> I like NaCL based encryption but the MailCrypt plugin is better >> because it's maintained by Dovecot developers (is this

IMHO, in short, learn to use encrypted connections. 2016-07-27 22:38 GMT+02:00 Kris Lou <klou at themusiclink.net>: > As of 4.2.11: https://www.samba.org/samba/security/CVE-2016-2112.html > > =================== > New smb.conf option > =================== > > ldap server require strong auth (G) > > The ldap server require strong auth defines whether the