On Mon, 12 Jan 2004, Nigel Metheringham wrote:
> On Sun, 2004-01-11 at 14:14, Svein E. Seldal wrote:
> > I dont get it. I have a server with a sendmail MTA. It is able to use
> > CRAM-MD5 without using having the password available in cleartext. It
> > reads the /etc/shadow (which IFAIK is one-way hashed, right?). How is
> > that possible?
>
> It cannot be doing this.
...unless the encrypted password is kept at both ends, in which case the
encrypted string is essentially being used as the "password". I suppose
the client could be generating the encrypted string each time, assuming
it can discover which salt to use.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book
