[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: forcing user to use strong auth



>>>How to force user to user encrypted session only (never allow plain mode)?
>>>forcing means on the server side, not client side.
>>The ssf ACL directive amd maybe the "disallow bind_simple"
>Sorry, the subject is incorrect, it should be "..use encryption".
>If this directory mainly used for domain authentication (using pam and
>samba) also use for pop3/imap what is recomended setup, using ssl or tls?
>how many mail client support for tls?
>Thanks. 

>From the slapd.conf man page...

security <factors>
     Specify  a set of factors (separated by white space) to require.
     An integer value is associated with each factor and  is  roughly
     equivalent  of the encryption key length to require.  A value of
     112 is equivalent to 3DES, 128 to Blowfish, etc..  The directive...