Re: [exim] NIS Auth not working

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMkmb at <-
MPhil Pennock at ->
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: kmb
CC: exim-users
Subject: Re: [exim] NIS Auth not working
On 2008-09-21 at 22:10 -0400, kmb wrote:
> This is all running on a RH ES4 64Bit server
>
> any pointers on what to look for are welcome.

Run a fake SMTP session with debugging, connect and authenticate.

exim -d+auth -bS

For the authentication, the plaintext is sent as a base64 string. If we
ignore all the normalisation to deal with non-ASCII characters then the
string is made up of three components separated by ASCII NUL:

* authorization ID: leave this empty
* authentication ID: the user whose password is given
* password

So for user "phil" with password "fred" you want to send the
base64-encoded form of "\000phil\000fred", or:
perl -MMIME::Base64 -le 'print encode_base64("\000phil\000fred")'
or:
AHBoaWwAZnJlZA==

So after the EHLO response, you'd send:

AUTH PLAIN AHBoaWwAZnJlZA==

which should provide lots of debugging information about what's
happening and why.

In this case, you're lucky that you don't have:
server_advertise_condition = ${if def:tls_cipher}
in your config, but you might want to consider a set-up where the
NIS password doesn't travel across the wire in nothing more than base64
wrapping.

-Phil

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] NIS Auth not workingRe: [exim] How would you do this?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)