LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-17-2009, 10:32 PM   #1
DaijoubuKun
LQ Newbie
 
Registered: Jul 2005
Distribution: Slackware 13.37/14.0 + 64 14.0/14.1
Posts: 11

Rep: Reputation: 1
PAM or ldap, which will be best for my needs?


Recently I was put in charge of 14 Slackware Linux servers. Luckily it's just making sure they are running and patched. Well I wanted to create a user management system so that each of the users that log into these machines will never have to remember what password goes to what box. Fox example, they can log into one box change their password then log into another and use that new password. Something similar to what Active Directory does (at least that's what I have been told it does). Now I know ldap is good at working with AD, but I'm not using AD and I was told that when the boxes communicate it's over an unencrypted connection (with ldap). It was suggested to me to use PAM because it does what I want and will encrypt the traffic. Is this information correct? What suggestions can be offered oh how I might go about this. Thank you.

edit:
I should note that at this time the only way anyone can login to the servers is to by physically in front of them or SSH.

Last edited by DaijoubuKun; 11-17-2009 at 10:49 PM. Reason: forgot to include login data
 
Old 11-18-2009, 02:21 AM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,301

Rep: Reputation: 2037Reputation: 2037Reputation: 2037Reputation: 2037Reputation: 2037Reputation: 2037Reputation: 2037Reputation: 2037Reputation: 2037Reputation: 2037Reputation: 2037
OpenLDAP+TLS
http://www.linuxhomenetworking.com/w...DAP_and_RADIUS (you can ignore the RADIUS section).
 
Old 11-18-2009, 08:20 AM   #3
Jim Bengtson
Member
 
Registered: Feb 2009
Location: Iowa
Distribution: Ubuntu 9.10
Posts: 164

Rep: Reputation: 38
LDAP authentication using pam_ldap and nss_ldap
http://www.faqs.org/docs/Linux-HOWTO...TO.html#PAMNSS
 
Old 11-18-2009, 05:53 PM   #4
DaijoubuKun
LQ Newbie
 
Registered: Jul 2005
Distribution: Slackware 13.37/14.0 + 64 14.0/14.1
Posts: 11

Original Poster
Rep: Reputation: 1
Thanks for the links. Good to know I can just use ldap for my needs. That will be helpful in the future as the company says they want to also start using windows servers and I know ldap and AD can work together. Thanks again. Hopefully this will get me headed in the right direction.
 
Old 11-22-2009, 03:23 PM   #5
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,402

Rep: Reputation: 1131Reputation: 1131Reputation: 1131Reputation: 1131Reputation: 1131Reputation: 1131Reputation: 1131Reputation: 1131Reputation: 1131
To clarify: PAM is a standard low-level architecture for implementing security modules... one of which can be "a module that queries LDAP to get its answers."
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP authentication without PAM petr.hoffmann Slackware 1 02-12-2009 04:25 PM
pam ldap authentication brandon@rhiamet.com Linux - Security 2 01-22-2009 07:58 AM
Pam ldap sci3ntist Linux - Software 1 01-28-2008 07:46 AM
pam + ldap client paul_mat Linux - Networking 0 10-25-2005 10:55 PM
Samba, PAM and LDAP Linh Linux - Networking 0 05-09-2003 10:07 AM


All times are GMT -5. The time now is 10:11 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration