Provided by: inn2_2.4.3+20070806-1_i386 bug

NAME

       sasl.conf - SASL Configuration file for nnrpd.

DESCRIPTION

       The file sasl.conf in pathetc specifies Simple Authentication and
       Security Layer (SASL), defined in RFC 2222, for nnrpd.  Now nnrpd
       implements only Security Layer support, which is an extension of RFC
       2595. This means you can get SSL or TLS encrypted NNRP between your
       server and newsreaders. It requires OpenSSL 0.9.3 or newer from
       http://www.openssl.org/; it has been tested with versions 0.9.4 and
       0.9.5.

INSTALLATION

       To use SSL, a certificate and private key are needed that you can
       create using the openssl binary.  Make certain that each keys are owned
       by your news user, news group, and are mode 0640 or 0660.

       EXAMPLE

          openssl req -new -x509 -nodes -out /usr/local/news/lib/cert.pem\
           -days 366 -keyout /usr/local/news/lib/cert.pem
          chown news:news /usr/local/news/lib/cert.pem
          chmod 640 /usr/local/news/lib/cert.pem

       You also can make the keys as the root user with "make cert".

CONFIGURATION

       Comments begin with a number  sign  ("#")  and  continue through the
       end of the line.  Blank lines and comments are ignored.  All other
       lines specify parameters, and should be of the form

           <option>: <value>

       where <option> is the name of the configuration option being set and
       <value> is the value that the configuration option is being set to.

       Blank lines and lines beginning with ("#") are ignored.  For boolean
       options, the values  "yes",  "on",  "t", and  1 turn the option on; the
       values "no", "off", "f", and 0 turn the option off.

       tls_cert_file
           The path to a file containing the server’s certificate.

       tls_key_file
           The path to a file containing the server’s private key.

       tls_ca_path
           The path to a directory containing the CA’s certificate.

       tls_ca_file
           The path to a file containing the CA’s certificate.

TO DO

       Implement methods of the authentication protocols of SASL.

HISTORY

       Written by Kenichi OKADA <okada@opaopa.org> for InterNetNews.

SEE ALSO

       inn.conf(5), innd(8), nnrpd(8), readers.conf(5)