Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to locate a type of user centralized software for linux that will allow for the following.
It has to be secure
Uses some form of encryption on the passwords, not a hash
Scalable
Able to allow one user access to one system but deny him access to another.
I have configured NIS,
It works as needed, except it is not very secure.
Any help on this matter would be much appreciated.
Are all the clients Linux? How big is your user pool, Samba4 is still in alpha stage, but I built it and it worked good for my purpose. Also, some distros like Redhat/CentOS have a directory server you can install and configure. I have done this also, but did not tinker with it much because I got bored and reformatted my server and started from scratch, and did not reinstall it yet.
I will take a look at that, here is what i have so far tried and am trying.
NIS/YP
Kerberos
OpenLDAP
Kerberos+OpenLDAP (still working on this)
Is it possible to configure Kerberos to store the passwords for an NIS Mapped network.
I liked the way NIS worked, as I could disallow all users except for a selected few to the environments they needed access too. but because of how the NIS/YP send the password has unencrypted across the network it makes it not a viable solution.
The issue I was having with LDAP, is denying users access to a specific machine, while providing them access to others. I could only get this one to work by having all users access every machine.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.