[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: mod_auth_mysql
- From: Chuck Yerkes <chuck+obsd_(_at_)_2004_(_dot_)_snew_(_dot_)_com>
- Date: Tue, 17 Aug 2004 10:58:54 -0700
Quoting Martin Niki (niki1_(_at_)_welho_(_dot_)_com):
> And one final question, is there any kind of central authentication ?
> I'm using sftp, www, ssh, php, mysql, pop3s, imap4s and webmail so it would
> be a _lot_ easier to have one central place for user info, rights, passwords
> and public keys, to authenticate them. Any info, product names, links to
> related articles, etc would be greatly appreciated. Also if it worked for
> console as well, it would be nice, however console and ssh are not mandatory,
> I could keep those separate and it wouldn't increase the workload too much.
You mean one machine with auth in one place? Radius and NIS could work.
I deal with several machines and NIS could work. Kerberos can work,
but web kerberos done properly is rare (get a ticket from the person's
web browser) and a password can be done badly (http vs. https).
You have other information. Things that might go into a, ahem,
DIRECTORY that's served over a network. You might look at a
Directory Access Protocol. X500 was a theory foisted on us, but
never really took off (never really worked) - to big and bloated.
You'd want a Lightweight Directory Access Protocol for multiple
machines/architectures/bits of info. Lets call it LDAP.
Visit your host, monkey.org