Date: Sat, 13 Dec 2008 12:24:50 +0200 From: Volodymyr Kostyrko <c.kworr@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: Centralized DB of "system" users Message-ID: <gi02i7$jlh$1@ger.gmane.org> In-Reply-To: <139b44430812112348k5c51072ie771913c982f7cfe@mail.gmail.com> References: <139b44430812112348k5c51072ie771913c982f7cfe@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Valentin Bud wrote: > There are different students that use those computers and they change > frequently. So i thought > to make a server, using FreeBSD (of course), that has a database of users so > the linux machines > don't have local users but they query the DB to get login credentials and > such. I don't > really know what to look for. So any suggestion and hints to how can i > achieve this > are welcomed. Try using Kerberos v5, everything you need resides in world and there is a good article in handbook on getting it working. This would be much more secure then NIS. Kerberos works as the authentication provider. You still should use some authorization provider or make users on all machines by hand. Authorization providers could be: 1. Hesiod. Designed together with Kerberos its currently slightly broken in our tree. 2. NIS. Just make sure you don't supply password hashes. It's good enough yet a bit outdated in my thought's. -- Sphinx of black quartz judge my vow.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?gi02i7$jlh$1>