Date:      Tue, 22 Oct 2002 12:05:10 -0400 (EDT)
From:      Andy Dills <andy@xecu.net>
To:        Dexter McNeil <dexter@backtech.com>
Cc:        freebsd-isp@freebsd.org
Subject:   Re: user account/password sync between machines?
Message-ID:  <Pine.BSF.4.44.0210221154170.56867-100000@thunder.xecu.net>
In-Reply-To: <20021021204543.GA14674@backtech.com>

On Mon, 21 Oct 2002, Dexter McNeil wrote:

> I've got a project that involves two identically configured machines that
> are providing DNS and remote user SSH login. The systems are configured
> such that the users log into 'host', with each machine's DNS server
> returning its IP address in response to a lookup of 'host'. The idea being
> that if one machine goes down, the other machine will still respond to DNS
> lookups and users will still be able to log in. All of this seems to work
> nicely in testing.
>
> The remaining piece of my puzzle for this is a method of keeping the user
> accounts sync'd between the two machines. I've looked into hacking up the
> adduser.perl script to allow for remote operations on the master.passwd
> file on the two machines (use a third machine to contain the master
> database & publish it to the two remote machines), however I'm wondering
> if anyone has found an easier solution to this type of problem. I'm not in
> a position to implement RADIUS or LDAP at this point, the two machines
> need to be self contained, except for an optional administration machine
> whose availability (or not) won't impact the operation of the two login
> servers.

Dexter, you could use this rdist config file to achieve what you want,
call it /rdist.cfg for the sake of this discussion:

# pwd_mkdb needs the file to rebuild from; -p also regenerates /etc/passwd
(/etc/master.passwd) -> ( othermachine.your.dom )
        special "/usr/sbin/pwd_mkdb -p /etc/master.passwd";

You'll need to get rshd working on othermachine.your.dom, with allowing
root access. Or, if you aren't confident of the security of the network
between, you can use ssh.

Tack this onto /etc/crontab:

# /etc/crontab has a user column, unlike per-user crontabs
* * * * * root /usr/bin/rdist -f /rdist.cfg

Or, if you decide to go with ssh:

* * * * * root /usr/bin/rdist -P /usr/bin/ssh -f /rdist.cfg

Andy

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills                              301-682-9972
Xecunet, LLC                            www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access
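
A pre-push check for the cron job above, as an added example that is not part of the original message: the Distfile copies /etc/master.passwd every minute, so a truncated file or an unexpected UID 0 entry on the source reaches the second login server within a minute. The function names, the ALLOWED_UID0, PASSWD_FILE and RDIST variables, and the sample entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: sanity-check master.passwd before rdist pushes it.
# check_master_passwd, push_if_sane and the variables are hypothetical names.
ALLOWED_UID0="${ALLOWED_UID0:-root toor}"   # accounts permitted to hold UID 0

check_master_passwd() {   # $1 = file in master.passwd(5) format (10 fields)
    [ -s "$1" ] || { echo "empty or missing: $1" >&2; return 1; }
    awk -F: -v allowed="$ALLOWED_UID0" '
        function bad(msg) { print msg > "/dev/stderr"; rc = 1 }
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok0[a[i]] = 1 }
        /^#/ || /^$/ { next }
        NF != 10 { bad("line " NR ": expected 10 fields, got " NF) }
        $3 !~ /^[0-9]+$/ || $4 !~ /^[0-9]+$/ { bad("line " NR ": non-numeric uid/gid") }
        seen[$1]++ { bad("line " NR ": duplicate login " $1) }
        $3 ~ /^0+$/ && !($1 in ok0) { bad("line " NR ": unexpected UID 0 account " $1) }
        $1 == "root" && $3 ~ /^0+$/ { root = 1 }
        END { if (!root) bad("no root entry with UID 0"); exit rc + 0 }
    ' "$1"
}

push_if_sane() {   # $1 = distfile, e.g. the /rdist.cfg from the message
    check_master_passwd "${PASSWD_FILE:-/etc/master.passwd}" || return 1
    "${RDIST:-/usr/bin/rdist}" -P /usr/bin/ssh -f "$1"
}

# Constructed sample (password fields are placeholders): "backdoor" has UID 0.
SAMPLE=$(mktemp) && cat > "$SAMPLE" <<'EOF'
root:*:0:0::0:0:Charlie &:/root:/bin/csh
dexter:*:1001:1001::0:0:Dexter:/home/dexter:/bin/sh
backdoor:*:0:0::0:0:extra:/root:/bin/sh
EOF
check_master_passwd "$SAMPLE" || echo "refusing to push $SAMPLE"
```

Saved as a script that ends by calling push_if_sane /rdist.cfg, this would take the place of the direct rdist command in the crontab entry.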