Your pop should be PAM'ified, i.e. pop daemon goes to PAM, which handles
auth, rather then pop daemon going direct to /etc/passwd. It's simple.
servers should support PAM, otherwise you will have funfilled problems like
this.
Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://www.seifried.org/security/
----- Original Message -----
From: "Boris Kimel"
Hello All,
Sorry to annoy you, but POP3 doesn't recognize MD5 passwords. All other services are ok. POP3 works perfect for the users whose passwords were not changed yet (i.e. were not converted to MD5).
Why should I want MD5 passwords? That's simple: we had a RedHat system using MD5 passwords and (i) we'd like to transfer all the users with their passwords to SuSE; (ii) the existing passwords are longer than 8 characters.
Looks like I need further reading on the PAM, but maybe there's a proven approach?
Thanks, -- Boris Kimel Webmaster and Network Administrator The Moscow Chemical Lyceum 4 Tamozhennyi Proezd Moscow, Russia. Phone: +7 095 1358941 Fax: +7 095 1355328 Email: kimel@1303.ru
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com