[TriLUG] redhat, ipop3d, /etc/cram-md5.pwd, and ldap

Jon Carnes jonc at nc.rr.com
Thu Jul 22 19:03:10 EDT 2004


On Thu, 2004-07-22 at 12:48, Rodent of Unusual Size wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> please bear with me; i timeslice to a ruinous degree and i don't
> remember exactly how i got here..
> 
> for a long time i was using qpopper for my pop accounts.  in fact, i
> still do for non-secure ones.  for secure ones i managed to set up
> ipop3d using ssl, so it uses a different port and doesn't interfere
> with the legacy qpopper users.  in order to get ipop3d to work,
> however, i ended up having to create /etc/cram-md5.pwd and hardcoding
> the usernames and pop passwords of the people able to use the secure
> interface.
> 
> there are a number of drawbacks for this, not least being that the
> file could be inadverternly exposed and users cannot change their
> own passwords.
> 
> i'd *like* to
> 
> a) switch all pop usage -- ssl, hashed passwords, plaintext passwords,
>    and otherwise over to ipop3d, and
> b) i'd like to have the authentication come out of an ldap directory,
>    so i could set something up to let people change their own
>    passwords.
> 
> unfortunately, i'm not having a lot of luck googling for how-tos and
> instructions, so i'm hoping someone here might have bookmarked some
> urls that might be shared..
> 
> thanks!

Not what you asked for but... "cgipaf" allows users to change their un*x
Password, Autoreply and mail Forwarding by a web interface.

It also pretty easy to setup email gateways that allow folks to send a
specially structured email and change their pop password that way. It
sends a request back to the person and confirms the email password
change (with the password blanked out). Of course that's all just some
simple scripting.

Jon




More information about the TriLUG mailing list