[ale] How do you deal with SSO at home?
Solomon Peachy
pizza at shaftnet.org
Wed Dec 13 14:10:51 EST 2017
On Wed, Dec 13, 2017 at 12:50:45PM -0500, DJ-Pfulio via Ale wrote:
> How do you deal with SSO at home?
> In the 1990s, NIS was the answer. Security needs changed that.
> So, how do you do it?
It depends greatly on what services you're trying to unify, how
they're accessed, and how many distinct servers are in play. Do you
want this to also cover shared filesystems too?
It also depends on if you're seeking to "authenticate once" or just
share an authentication backend so all logins use the same credentials.
The latter is fairly easy -- My stuff generally authenticates against
the system PAM backend, or IMAP if it's some sort of web thingey.
Some time ago I played around with an LDAP backend for everything (using
389 directory server) but it was a serious amount of administration
overhead and yielded no benefits.
I'd been meaning to set up an OpenID provider, but haven't found one
that plays well with an existing authentication backend.
- Solomon
--
Solomon Peachy pizza at shaftnet dot org
Coconut Creek, FL ^^ (email/xmpp) ^^
Quidquid latine dictum sit, altum videtur.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://mail.ale.org/pipermail/ale/attachments/20171213/545ede44/attachment.sig>
More information about the Ale
mailing list