Centralized DB of "system" users
c.kworr at gmail.com
Sat Dec 13 02:25:28 PST 2008
Valentin Bud wrote:
> There are different students that use those computers and they change
> frequently. So i thought
> to make a server, using FreeBSD (of course), that has a database of users so
> the linux machines
> don't have local users but they query the DB to get login credentials and
> such. I don't
> really know what to look for. So any suggestion and hints to how can i
> achieve this
> are welcomed.
Try using Kerberos v5, everything you need resides in world and there is
a good article in handbook on getting it working. This would be much
more secure then NIS.
Kerberos works as the authentication provider. You still should use some
authorization provider or make users on all machines by hand.
Authorization providers could be:
1. Hesiod. Designed together with Kerberos its currently slightly
broken in our tree.
2. NIS. Just make sure you don't supply password hashes. It's good
enough yet a bit outdated in my thought's.
Sphinx of black quartz judge my vow.
More information about the freebsd-questions