[ILUG] fetchmail security...
kevin lyda
kevin at suberic.net
Thu Jan 17 01:22:49 GMT 2002
dunno about anyone else, but passwords in plaintext in my .fetchmailrc
have always bothered me. i just noticed a few weeks ago how to avoid
them. thought i'd mention it if people didn't know:
all you do is this:
poll inle with proto imap and preauth ssh:
plugin "ssh %h /usr/sbin/imapd"
preconnect "/home/kevin/bin/herep inle"
the preconnect command is run and if it returns 0, it tries to connect.
in this case, the herep script checks that ssh-agent is accessible (ie
i'm currently logged in) and that inle is accessible where i am (this is
a laptop so it moves among different networks. it does this by running
the plugin command. in this case it uses ssh to run the imapd daemon
on the mail server. imapd doesn't need a password sent to it if it is
run by a user (and ssh is auth'd via ssh-agent).
anyway, might be handy.
kevin
--
kevin at suberic.net buffy: come on, can't you put your foot down?!
fork()'ed on 37058400 giles: it *is* down.
meatspace place: orbit buffy: one of these days you're going to have to
http://suberic.net/~kevin get a grown up car. --inca mummy girl
More information about the ILUG
mailing list