1SASL.CONF(5)              InterNetNews Documentation              SASL.CONF(5)
2
3
4

NAME

6       sasl.conf - SASL Configuration file for nnrpd.
7

DESCRIPTION

9       The file sasl.conf in pathetc specifies Simple Authentication and Secu‐
10       rity Layer (SASL), defined in RFC 2222, for nnrpd.  Now nnrpd imple‐
11       ments only Security Layer support, which is an extension of RFC 2595.
12       This means you can get SSL or TLS encrypted NNRP between your server
13       and newsreaders. It requires OpenSSL 0.9.3 or newer from
14       http://www.openssl.org/; it has been tested with versions 0.9.4 and
15       0.9.5.
16

INSTALLATION

18       To use SSL, a certificate and private key are needed that you can cre‐
19       ate using the openssl binary.  Make certain that each keys are owned by
20       your news user, news group, and are mode 0640 or 0660.
21
22       EXAMPLE
23
24          openssl req -new -x509 -nodes -out /usr/local/news/lib/cert.pem\
25           -days 366 -keyout /usr/local/news/lib/cert.pem
26          chown news:news /usr/local/news/lib/cert.pem
27          chmod 640 /usr/local/news/lib/cert.pem
28
29       You also can make the keys as the root user with "make cert".
30

CONFIGURATION

32       Comments begin with a number  sign  ("#")  and  continue through the
33       end of the line.  Blank lines and comments are ignored.  All other
34       lines specify parameters, and should be of the form
35
36           <option>: <value>
37
38       where <option> is the name of the configuration option being set and
39       <value> is the value that the configuration option is being set to.
40
41       Blank lines and lines beginning with ("#") are ignored.  For boolean
42       options, the values  "yes",  "on",  "t", and  1 turn the option on; the
43       values "no", "off", "f", and 0 turn the option off.
44
45       tls_cert_file
46           The path to a file containing the server's certificate.
47
48       tls_key_file
49           The path to a file containing the server's private key.
50
51       tls_ca_path
52           The path to a directory containing the CA's certificate.
53
54       tls_ca_file
55           The path to a file containing the CA's certificate.
56

TO DO

58       Implement methods of the authentication protocols of SASL.
59

HISTORY

61       Written by Kenichi OKADA <okada@opaopa.org> for InterNetNews.
62

SEE ALSO

64       inn.conf(5), innd(8), nnrpd(8), readers.conf(5)
65
66
67
68INN 2.4.0                         2002-12-03                      SASL.CONF(5)
Impressum