Helio/network-auth

From FBSD_tips

Jump to: navigation, search

Notes on a network based authentication method for FreeBSD (as NIS/NFS seem inadequate to me)

[edit] Restrictions on implementation

As much as possible should be implemented as a high level interpreted language.
ie, you should be able to simply copy the files to a powerpc machine from an i386 machine and it 'just work'

[edit] Authentication

wrapper for login(8) or a pam module (I'd prefer a wrapper; pam would need a seperate binary per architecture.. pointless waste)
use a standard cross platform interface (either wrapping openssh or wrapping openssl)
verification is first done for the host, then it's done for the user. (the host should be done earlier)
needs a mapping layer for filesystems, to map an attribute (say owner/group uuid) to local scope uid/gids)

Retrieved from "http://bsdtips.utcorp.net/mediawiki/index.php/Helio/network-auth"

Views

Personal tools

Log in / create account

Search

Bit Bucket