Bug#402844: libsasl2-modules-gssapi-mit:
sasl-sample-client/sasl-sample-server authentication fails
with GSSAPI mechanism
Michael Richters
merlin at gedankenlabs.org
Sat Dec 16 15:53:08 CET 2006
On Sat, Dec 16, 2006 at 10:34:53AM +0200, Fabian Fagerholm wrote:
> One thing which sticks out to me is that you have
> sasl_pwcheck_method: saslauthd
> in /etc/imapd.conf, but then you have
> MECHANISMS="pam"
> in /etc/default/saslauthd. I'm not too familiar with GSSAPI, but it
> seems to me that something should be different here, as Kerberos will
> handle how authentication data is stored, and saslauthd should simply
> ask it to authenticate the user (or fail).
I'd be surprised if saslauthd had anything to do with it, because
GSSAPI is not a plaintext authentication mechanism (like CRAM-MD5 and
DIGEST-MD5, which can succeed even when saslauthd isn't running).
Could it be that GSSAPI authentication is failing because I have an
entry for the user in /etc/sasldb?
--Mike
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list