[sclug] Centralised Authentication

Peter Brewer p.w.brewer at reading.ac.uk
Mon Oct 31 15:45:54 UTC 2005


Ok, so LDAP is definitely the 'proper' way to do it, but I'm intrigued 
by David's solution.  I know that it is slightly less than conventional, 
but if it works what are the drawbacks?  From what I've read, the LDAP 
approach is far from simple.  We're talking about managing a dozen 
machines here, not an entire lab full - isn't LDAP a hammer to crack a nut?

Cheers

Pete

David Given wrote:

>On Monday 31 October 2005 13:46, Peter Brewer wrote:
>[...]
>  
>
>>The number of machines that we are managing in our group is growing and
>>we would like to implement some sort of centralised pwd management.  Can
>>anyone suggest the simplest options i.e. can be implemented in an
>>afternoon!  We are running Ubuntu hoary, Ubuntu breezy and Debian woody
>>on our various machines.
>>    
>>
>
>One of the gnarliest hacks I ever perpetrated was setting up a distributed 
>password system of a network of Linux-based terminals. What I did was to have 
>the main server NFS export /etc/passwd; then I had each client mount it over 
>the top of its own /etc/passwd as part of the boot procedure. (You can export 
>single files in NFS.)
>
>This *actually worked*, and quite well... changing the file on the server 
>caused all changes to be instantly visible across the network, and if a 
>terminal was booted without being connected to the server, you got a couple 
>of standard admin users. It was also trivial to set up and maintain.
>
>Whatever you do, don't do it like that.
>
>  
>
>------------------------------------------------------------------------
>
>_______________________________________________
>sclug mailing list
>sclug at sclug.org.uk
>http://www.sclug.org.uk/mailman/listinfo/sclug
>  
>



More information about the Sclug mailing list