Index Index for
Section 1
Index Alphabetical
listing for S
Bottom of page Bottom of
page		 

SASL.CONF(1)


NAME

  sasl.conf - SASL Configuration file for nnrpd.


DESCRIPTION

  The file sasl.conf in pathetc specifies Simple Authentication and Security
  Layer (SASL), defined in RFC 2222, for nnrpd.	 Now nnrpd implements only
  Security Layer support, which is an extension of RFC 2595. This means you
  can get SSL or TLS encrypted NNRP between your server and newsreaders. It
  requires OpenSSL 0.9.3 or newer http://www.openssl.org/; it has been tested
  with versions 0.9.4 and 0.9.5.


INSTALLATION

  To use SSL, a certificate and private key are needed that you can create
  using the openssl binary. Make certain that each keys are owned by your
  news user, news group, and are mode 0640 or 0660.

  EXAMPLE

     openssl req -new -x509 -nodes -out /usr/local/news/lib/cert.pem\
      -days 366 -keyout /usr/local/news/lib/cert.pem
     chown news:news /usr/local/news/lib/cert.pem
     chmod 640 /usr/local/news/lib/cert.pem

  You also can make the keys by the root user as follows.

     make cert


CONFIGURATION

  Comments begin with a number	sign  (#)  and	continue through the end of
  the line.  Blank lines and comments are ignored.  All other lines specify
  parameters, and should be of the following form:

  Each line of the sasl.conf in pathetc has the form

      <option>: <value>

  where <option> is the name of the configuration option being set  and
  <value> is the value that the configuration option is being set to.

  Blank lines and lines beginning with (#) are ignored.	 For boolean options,
  the values  yes,  on,	 t, and	 1 turn the option on, the values no, off, f,
  and 0 turn the option off.

  tls_cert_file
      The path to a file containing the server's certificate.

  tls_key_file
      The path to a file containing the server's private key.

  tls_ca_path
      The path to a directory containing the CA's certificate.

  tls_ca_file
      The path to a file containing the CA's certificate.


TO DO

  Implement methods of the authentication protocols of SASL.


HISTORY

  Written by Kenichi OKADA <okada@opaopa.org> for InterNetNews


SEE ALSO

  inn.conf(5), innd(8), nnrpd(8), readers.conf(5)

Index Index for
Section 1
Index Alphabetical
listing for S
Top of page Top of
page