LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 03-24-2010, 09:19 AM   #1
Kernel Johnson
LQ Newbie
 
Registered: Jul 2007
Posts: 8

Rep: Reputation: 0
Unhappy How to make a unified login? (PAM, LDAP, /etc/shadow, Samba, etc)


Hi folks,

Sitrep, long story short.

Running this software:

Linux 2.6 on a hacked LaCie NetworkSpace
installed SSHd 5.4
installed Samba 3.4
installed lighttpd 1.4
installed ProFTPD 1.3

I want:

Login with my account and same password on all of those. When i use passwd, the change should be reflected on all of them.

I have:

Samba uses encrypted passwords, and i must change passwords for samba with smbpasswd.

lighttpd uses separate password file, must change by hand.

ProFTPD and SSH use system login (/etc/shadow).



So far i found two possible solutions, but can't tell if i understood them right or how to achieve them:
  1. use LDAP as auth backend If i could make LDAP my auth backend, provided this is possible at all, lighttpd would use this directly, and PAM would use it for system login. Nevertheless, actually this can't work as Samba uses encrypted passwords. Correct?
  2. use Samba password backend, then make LDAP use that If passwd, login, etc would use Samba, i would work everywhere with MD4 hashed stuff. Lighttpd would send plain passwords (HTTP basic auth), and query LDAP, which in turn makes an MD4 hash, and tests for Sambas passwd. Will this work?

Please share your thoughts and experience with this issue, i'll be much obliged four your comment and preferably howto links, thanks!
 
Old 03-26-2010, 01:09 AM   #2
kbp
Senior Member
 
Registered: Aug 2009
Posts: 3,724

Rep: Reputation: 635Reputation: 635Reputation: 635Reputation: 635Reputation: 635Reputation: 635
An ldap server can do this, once pam is configured to use ldap it will be available to any application that uses pam. The next step would be to check whether the other applications support pam or not.

cheers
 
  


Reply

Tags
lighttpd, login, pam, passwd, proftpd, samba, ssh


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Ubuntu 8.04 / LDAP / NSS / PAM - not sharing shadow password hence not authenticating fuzzyworm Linux - Server 5 01-01-2009 03:29 PM
ldap pam active directory login zerocool22 Linux - Server 0 05-20-2008 03:49 AM
FC5 /etc/pam.d/login ldap configuraion? cbtg2006 Fedora 0 04-21-2006 09:28 AM
PAM and LDAP, can't login locally Staceman Linux - Networking 0 07-02-2003 11:25 AM
Samba, PAM and LDAP Linh Linux - Networking 0 05-09-2003 10:07 AM


All times are GMT -5. The time now is 01:33 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration