Argus Sasl2
carter at qosient.com
carter at qosient.com
Mon Apr 30 08:52:50 EDT 2007
Somehow, you are configured to use Kerberos, but you don't have Kerberos configured (open(/tmp/krb5cc_0)).
You should not be using Kerberos.
Fix that and you should be in business.
This line, "pwcheck_method: saslauthd", of course, does not belong in the argus.conf file.
Carter
Carter Bullard
QoSient LLC
150 E. 57th Street Suite 12D
New York, New York 10022
+1 212 588-9133 Phone
+1 212 588-9134 Fax
-----Original Message-----
From: "CS Lee" <geek00l at gmail.com>
Date: Mon, 30 Apr 2007 17:09:57
To:Argus <argus-info at lists.andrew.cmu.edu>
Subject: [ARGUS] Argus Sasl2
Hey all,
Thanks Carter for the reply, I'm trying to get argus running with sasl2 on FreeBSD 6.2 but has no success. Here are my steps and hopefully someone who has done it on bsd may shade some lights.
Installing FreeBSD ports
cyrus-sasl-2.1.22
cyrus-sasl-saslauthd-2.1.22
Then do a symlink -
ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
Compile argus with sasl2 for both server and client
./configure --with-sasl=/usr/local
make && make install as usual
Then I add the user for sasl
saslpasswd2 -c test
password: test
And I add this three lines in argus.conf under /usr/local,
pwcheck_method: saslauthd
ARGUS_MIN_SSF=1
ARGUS_MAX_SSF=4
I start argus
argus -F /usr/local/argus.conf
argus[8974]: 30 Apr 07 17:04:16.564364 started
argus[8974]: 30 Apr 07 17:04:16.564629 ArgusGetInterfaceStatus: interface em0 is up
argus[8974]: 30 Apr 07 17:04:18.609447 connect from localhost.mschosting.com: <http://localhost.mschosting.com>
ra -S 127.0.0.1:561: <http://127.0.0.1:561>
Username: test
ra[8972]: 17:03: 38.672053 RaSaslNegotiate: error starting SASL negotiation SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (see text) (open(/tmp/krb5cc_0): No such file or directory)
I still unable to get argus with sasl2 going, if you have done it with saslpasswd db and pam on freebsd 6, please do let me know what I have done wrong as I'm not really familiar with sasl and pam.
Thanks.
--
Best Regards,
CS Lee<geekooL[at]gmail.com>
More information about the argus
mailing list