From owner-freebsd-isp Mon Oct 21 13:45:55 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8C91837B401 for ; Mon, 21 Oct 2002 13:45:54 -0700 (PDT) Received: from backtech.com (wilma.backtech.com [209.198.99.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 71CC243E4A for ; Mon, 21 Oct 2002 13:45:49 -0700 (PDT) (envelope-from dexter@backtech.com) Received: (from dexter@localhost) by backtech.com (8.8.8/8.8.5) id QAA06553 for freebsd-isp@freebsd.org; Mon, 21 Oct 2002 16:45:43 -0400 (EDT) Date: Mon, 21 Oct 2002 16:45:43 -0400 From: Dexter McNeil To: freebsd-isp@freebsd.org Subject: user account/password sync between machines? Message-ID: <20021021204543.GA14674@backtech.com> Reply-To: dexter@backtech.com Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.28i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I've got a project that involves two identically configured machines that are providing DNS and remote user SSH login. The systems are configured such that the users log into 'host', with each machine's DNS server returning it's IP address in response to a lookup of 'host'. The idea being that if one machine goes down, the other machine will still respond to DNS lookups and users will still be able to log in. All of this seems to work nicely in testing. The remaining piece of my puzzle for this is a method of keeping the user accounts sync'd between the two machines. I've looked into hacking up the adduser.perl script to allow for remote operations on the master.passwd file on the two machines (use a third machine to contain the master database & publish it to the two remote machines), however I'm wondering if anyone has found an easier solution to this type of problem. I'm not in a position to implement RADIUS or LDAP at this point, the two machines need to be self contained, except for an optional administration machine who's availability (or not) won't impact the operation of the two login servers. Any suggestions?? Many thanks, Dexter McNeil dexter@backtech.com -- The ultimate destination on the journey of life is a hole 6 feet deep. Enjoy the journey - the destination is nothing to write home about. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message