[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: centralized user management
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: centralized user management
- From: Todd Pytel <tppytel_(_at_)_covad_(_dot_)_net>
- Date: Mon, 14 Apr 2003 10:28:19 -0500
"Matt Van Mater" <nutter__(_at_)_hotmail_(_dot_)_com> wrote:
> I'm looking for a way to manage user accounts on my small home
> network, and would like to create a centralized method of
> authentication. I have looked into it and have yet to find a solution
> that meets my needs well.
NIS would be the simplest choice in your situation. Put all your
accounts on one machine, and have it serve out passwd, shadow, and group
maps to the others. Not at all secure if you don't trust your users,
but for a home network it should be fine. LDAP would the more
professional way to handle it, and be more interoperable with Windows
machines, but as you've seen is non-trivial to setup. If you want more
security than NIS, or just want to play around with it, Kerberos is
relatively easy to setup. For Kerb login authentication, just use NIS
to get passwd and group maps (not shadow maps), and replace /bin/login
with /usr/sbin/login.krb5. Check out the "How to Kerberize your site"
link from the Kerb home page for a good HOWTO.
Visit your host, monkey.org