Red-hat 8.1 Manuel d'utilisateur télécharger pdf (Page 183)

Table 6.7 . Description of CRAM-MD5 Mechanism Options

Required

Optional

Option Description Example

Required mech=CRAM-MD5 Gives the SASL mechanism. -o “mech=CRAM-MD5”

Required authid=authid_value Gives the ID used to authenticate to the server.

authid_value can be the following:

UID. For example, msmith.

u: uid. For example, u: m smith.

dn: dn_value. For example, dn:

uid=m sm ith,ou=People,o=exam ple.com .

-o “authid=dn:uid=jsmith, ou=People,

dc=example, dc=com"

Optional secprop=value The secprop attribute sets the security properties

for the connection. The secprop value can be any

of the following:

None

noplain — Do not permit mechanisms

susceptible to simple passive attack.

noactive — Do not permit mechanisms

susceptible to active attacks.

nodict — Do not permit mechanisms

susceptible to passive dictionary attacks.

forwardsec — Require forward secrecy.

passcred — Attempt to pass client credentials.

noanonymous — Do not permit mechanisms

that allow anonymous access.

minssf — Require a minimum security strength;

this option needs a numeric value specifying

bits of encryption. A value of - 1 means

integrity is provided without privacy.

maxssf — Require a maximum security

strength; this option needs a numeric value

specifying bits of encryption. A value of - 1

means integrity is provided without privacy.

maxbufsize — Set the maximum receive buffer

size the client will accept when using integrity or

privacy settings.

-o

"secprop=noplain,minssf=1,maxbufsize=512"

Red Hat Directory Server 8.1 Configuration and Command Reference 183

1 2 ... 178 179 180 181 182 183 184 185 186 187 188 ... 291 292

Pas de commentaire

Red-hat 8.1 Manuel d'utilisateur Page 183