[sclug] Centralised Authentication
David Given
dg at cowlark.com
Mon Oct 31 15:13:02 UTC 2005
On Monday 31 October 2005 13:46, Peter Brewer wrote:
[...]
> The number of machines that we are managing in our group is growing and
> we would like to implement some sort of centralised pwd management. Can
> anyone suggest the simplest options i.e. can be implemented in an
> afternoon! We are running Ubuntu hoary, Ubuntu breezy and Debian woody
> on our various machines.
One of the gnarliest hacks I ever perpetrated was setting up a distributed
password system of a network of Linux-based terminals. What I did was to have
the main server NFS export /etc/passwd; then I had each client mount it over
the top of its own /etc/passwd as part of the boot procedure. (You can export
single files in NFS.)
This *actually worked*, and quite well... changing the file on the server
caused all changes to be instantly visible across the network, and if a
terminal was booted without being connected to the server, you got a couple
of standard admin users. It was also trivial to set up and maintain.
Whatever you do, don't do it like that.
--
+- David Given --McQ-+
| dg at cowlark.com | "The further you are from your server, the more
| (dg at tao-group.com) | likely it is to crash." --- Woodhead's law
+- www.cowlark.com --+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.tmdg.co.uk/pipermail/sclug/attachments/20051031/07dbc6f0/attachment.bin
More information about the Sclug
mailing list