Multipass lets you use application-specific passwords on your own machine.
It has two primary parts:
multipass
, the user component. You (or your users) use this to manage their app-specific passwords.
mp-checkpassword
, the authentication component.
This is a Dovecot checkpassword–compatible
authentication service which reads users’ ~/.multipass
files.
It is as yet unfinished, but is somewhat usable in its current state.
First, download and install multipass:
go get pfish.zone/go/multipass
go install pfish.zone/go/multipass/mp-checkpassword
You probably want to copy the binaries to somewhere on your PATH
.
Then, set up your users. They need to have their home directory executable by the user who runs mp-checkpassword
. This usually means making their home directory world-executable.
Set up dovecot. For Ubuntu, I added a auth-multipass.conf.ext
file with these contents:
passdb {
driver = checkpassword
args = /usr/local/bin/mp-checkpassword
}
I also had to remove the limits on process virtual memory size in 10-master.conf
:
default_vsz_limit = 0
Now your users can run multipass add
to generate a new password.