[PLUG] imap server that allows ssl certificate based authentication?

Paul Heinlein heinlein at madboa.com
Tue Oct 27 15:08:59 UTC 2015


On Mon, 26 Oct 2015, Michael Rasmussen wrote:

> I was conflating use of ssh and SSL certs. One can put your password 
> in .muttrc but clear text passwords are a bad habit. So I was 
> exploring a way to use public key to authenticate the imap session. 
> Courier is v4.9.1 - it was chosen years ago and the decision has not 
> be revisited. Not that I'm adverse to doing so. stunnel would work, 
> I'll weigh it vs coercing imap server to fit my whim.

Personally, I like combining passwords and tokens (the old "what I 
have and what I know" combo). I've been using password-based IMAP 
transported over certificate-based OpenVPN, which does the trick for 
me.

I readily acknowledge that my solution isn't really what you're hoping 
to use. Still, it's flexible enough so that all sorts of services that 
traditionally rely on passwords (SMTP AUTH, web services, plus IMAP) 
can be wrapped in a certificate-authenticated connection.

It has the further benefit that you only need to contact one remote 
port, reducing the chance that a local firewall will become an 
obstacle to your session.

-- 
Paul Heinlein
heinlein at madboa.com
45°38' N, 122°6' W


More information about the PLUG mailing list