[exim] Re: Testing the GSASL authenticator with SCRAM-*-PLUS

Top Page
Delete this message
Reply to this message
Author: Jasen Betts
Date:  
To: exim-users
Subject: [exim] Re: Testing the GSASL authenticator with SCRAM-*-PLUS
On 2023-11-19, Martin Lambers via Exim-users <exim-users@???> wrote:

> For archive completeness I'd like to mention that for SCRAM, the server
> does not need to know the password itself, but just a salted and hashed
> version of it, which can be set with server_skey instead of
> server_password. For my simple test setup, I did not use this.


However the salted password is also all that a client needs to authenticate
to the server So the same care is needed to keep the storage secure as
if it was storing the password..

--
Jasen.
🇺🇦 Слава Україні

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/