-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpeepos.conf
28 lines (27 loc) · 1.25 KB
/
peepos.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# format: 'domain.name'=>{'account login'=>['password', 'local username']}
#
# an account can be configured to authenticate either with APOP (encrypted
# authentication) or with USER/PASS (plain-text), but not both.
# accounts that are set-up for APOP must somewhat ironically store their
# passwords in plain-text, prefixed with "apop:". accounts set-up to use
# USER/PASS must store them as base64-encoded SHA256 hashes, and prefix
# them with "pass:". the recommended scheme is USER/PASS in order to help
# protect the account file, since little peepo already enforces TLS.
#
# the hashed content for USER/PASS authentication is the account login
# followed by the password. the product can be generated using openssl:
#
# if the account login is "Largo" and the password is "LaGrand3" then...
#
# echo -n 'LargoLaGrand3' | openssl dgst -binary -sha256 | openssl base64
#
# ...should produce "8le7YiymHu5/cSWOP4l687kNFy+J1BdshX8H1JN9Ci8="
#
# note: passwords and logins are case-sensitive, and little peepo enforces
# a minimum password length of 15 characters.
{
# 'mail.example.com'=>{
# 'someaccount'=>['pass:Pck8QuUf6GjjL5t7HtBiwYbUYdgI7E93qDwWbz62K5w=', 'localuser'],
# 'anotheraccount'=>['apop:plaintextpassword', 'otherlocaluser'],
# },
}