diff options
| -rw-r--r-- | Changelog | 2 | ||||
| -rw-r--r-- | README | 2 |
2 files changed, 3 insertions, 1 deletions
@@ -23,6 +23,8 @@ interimap (0.5.5) upstream; configuration file (the default as of 2.3.11.3), hence running TLS tests now require Dovecot 2.3 or later. - documentation: simplify SSL options in the sample configuration files. + - README: suggest 'restrict,command="/usr/bin/doveadm exec imap"' as + authorized_keys(5) options. -- Guilhem Moulin <guilhem@fripost.org> Fri, 11 Dec 2020 14:55:53 +0100 @@ -69,7 +69,7 @@ type=imaps. Compression yes remote: ~user/.ssh/authorized_keys: - command="/usr/lib/dovecot/imap",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-... id-interimap + restrict,command="/usr/bin/doveadm exec imap" ssh-[…] id-interimap However for long-lived connections (using the --watch command-line option), the TLS overhead becomes negligible hence the advantage offered |