Re: [vox-tech] fetchmail and ssh
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [vox-tech] fetchmail and ssh
- Subject: Re: [vox-tech] fetchmail and ssh
- From: jdnewmil@dcnMAPS.davis.ca.us
- Date: Tue, 13 Feb 2001 03:23:08 -0800
- References: 20010213011705.A4024@dirac.org
On Tue, 13 Feb 2001, Peter Jay Salzman wrote:
> ok, i've been at this for awhile; time to get help.
>
> i'm trying to get fetchmail to send my password securely. this is what i've
> tried for .fetchmailrc:
>
> poll belial.ucdavis.edu with protocol pop3 and port 11110:
> preconnect "ssh -f belial.ucdavis.edu -L 11110:belial.ucdavis.edu:110
>belial.ucdavis.edu sleep 20"
> password XXXX;
>
> and:
>
> poll belial.ucdavis.edu via localhost port 1234 with proto pop3:
> preconnect "ssh -f -L 1234:belial.ucdavis.edu:110 belial.ucdavis.edu sleep 20
></dev/null >/dev/null"
> password XXXX;
>
> and a few variations on these two themes. i'm getting the same error message:
>
> fetchmail: starting fetchmail 5.5.3 daemon
> fetchmail: 5.5.3 querying belial.ucdavis.edu (protocol POP3) at Tue Feb 13 01:09:20
>2001
> You have no controlling tty. Cannot read passphrase.
> fetchmail: pre-connection command failed with status 65280
> fetchmail: Query status=5 (SYNTAX)
>
> i'm sure i have a few hurdles to jump here. the first one is the no
> controlling tty one. can someone help me out with this?
You must setup an authorization key that allows connections to belial
without entering any verification (i.e. have a private key with no
passphrase for root@dirac.org, have corresponding public key in
/home/p/.ssh/authorized_keys). That should get rid of the complaint about
no controlling tty.
You probably also need to add a "-l p" (say, between the "-f" and "-L" to
go from user root@dirac.org to user p@belial.
> i was hoping the password XXXX; would save me from having to type in a
> password.
The password is to satisfy pop... notice that it is not part of the ssh
command.
> also, i feel ashamed to ask this, but what exactly is the difference between
> ssh, ssl and kerberos?
I am not exactly sure of the details, but from what I know ssh builds a
general purpose encrypted point-to-point tunnel using one protocol, ssl
does something similar with a different protocol, and kerberos is a system
of centralizing managment of security in a network. ssh key managment is
pretty ad-hoc, ssl key management is pretty one-sided (using certifying
authorities like Verisign), and kerberos is for a large organization.
---------------------------------------------------------------------------
Jeff Newmiller The ..... ..... Go Live...
DCN:<jdnewmil@dcn.davis.ca.us> Basics: ##.#. ##.#. Live Go...
Work:<JeffN@endecon.com> Live: OO#.. Dead: OO#.. Playing
Research Engineer (Solar/Batteries O.O#. #.O#. with
/Software/Embedded Controllers) .OO#. .OO#. rocks...2k
---------------------------------------------------------------------------
|
