This documentation is for Dovecot v2.x, see wiki1 for v1.x documentation.
Differences between revisions 2 and 3
Revision 2 as of 2006-06-10 16:38:25
Size: 2142
Editor: jflowers
Comment:
Revision 3 as of 2006-06-10 16:51:05
Size: 2141
Editor: jflowers
Comment:
Deletions are marked like this. Additions are marked like this.
Line 22: Line 22:
Unfortunately, mmencode on FreeBSD chokes on "\0". As an alternate, if you have MMIME::Base64 on your system, you can use a perl statement to do the same thing: Unfortunately, mmencode on FreeBSD chokes on "\0". As an alternate, if you have MIME::Base64 on your system, you can use a perl statement to do the same thing:

Debugging Authentication

Numerous settings in dovecot.conf can assist in debugging authentication failures. These are described in the comments in the dovecot-example.conf file that is provided with the source distribution.

In addition it might be useful to know how to construct and to decode a PLAIN mechanism string. printf(1) and mmencode(1) should be available in most Unix or GNU/Linux systems. (If not, check with your distribution. GNU coreutils includes printf(1), and metamail includes mmencode(1).)

Example authentication string encoding

$ printf 'username\0username\0password' | mmencode
dXNlcm5hbWUAdXNlcm5hbWUAcGFzc3dvcmQ=

This string is what a client would use to attempt PLAIN authentication as user "username" with password "password." With verbose logging, specifically with auth_debug_passwords = yes, it would appear in your logs.

Alternate Approach with perl

Unfortunately, mmencode on FreeBSD chokes on "\0". As an alternate, if you have MIME::Base64 on your system, you can use a perl statement to do the same thing:

perl -MMIME::Base64 -e 'print encode_base64("myusername\@domain.tld\0myusername\@domain.tld\0mypassword");'

As mmencode -u doesn't encounter any "\0" you can also do:

perl -MMIME::Base64 -e 'print encode_base64("myusername\@domain.tld\0myusername\@domain.tld\0mypassword");' | mmencode -u

to check that you have encoded correctly.

Example authentication string decoding

You can use mmencode -u to interpret the encoded string pasted into stdin as follows:

# mmencode -u
bXl1c2VybmFtZUBkb21haW4udGxkAG15dXNlcm5hbWVAZG9tYWluLnRsZABteXBhc3N3b3Jk<CR>
myusername@domain.tldmyusername@domain.tldmypassword<CTRL-D>
#

You should see the correct user address (twice) and password. The null bytes won't display.

None: Debugging/Authentication (last edited 2016-05-03 13:51:47 by adsl-ull-47-109)