LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   How to make one rhel5 server control passwords for several rhel5 servers. (http://www.linuxquestions.org/questions/linux-newbie-8/how-to-make-one-rhel5-server-control-passwords-for-several-rhel5-servers-710776/)

folkrm 03-11-2009 10:39 AM

How to make one rhel5 server control passwords for several rhel5 servers.
 
Hello;

I am relatively new to rhel5, and I am in the process of setting up 6 rhel5 servers, and I would like to set them up where you only have to log into one(Master)server with username and password, and be able to access the others. (Single Sign-On like).


Thank you in advance for the assistance.


Folkrm

Tinkster 03-11-2009 10:51 AM

Hi, and welcome to LQ!

There is no mechanism I'm aware of that allows "single sign-on"
over various servers as such; what you can do is set-up an ssh
account with a complex pass-phrase on your local box, and use
passwordless authentication with ssh to log onto your machines.

Of course, that only controls your pass-phrase locally on your
workstation.


Cheers,
Tink

folkrm 03-11-2009 12:49 PM

Reply
 
Would setting up an NIS Server on one, and making the rest NIS clients perform nearly the same function???

Thanks for your assistance.

Folkrm

Tinkster 03-11-2009 02:17 PM

No, it wouldn't. You'd just assure that you can use the same password
on all; but you'd still need to authenticate against them individually.

And on that note: NIS has pretty much been obsoleted. If you think of
directory services go LDAP.

But maybe single sign-on to you means something different from the rest
of the industry? If identical credentials is all you're after you may
want to look at quite different possible solutions:

a) use puppet to maintain the passwd, group & shadow files and push it
to all machines
b) define one of the machines to have password-less auth to the others
via ssh, and if passwd/group/shadow change use inotify or dazuko to
push them via script.
c) ....




Cheers,
Tink


All times are GMT -5. The time now is 10:30 PM.