> I would like to have user passwords the same on all boxes, and to > control who can access which boxes and who can gain root. > All centrally managed. > > a) User passwords > -> ldap > b) control who can access which boxes > -> ldap group > c) control who can gain root system wide > -> no idea? > d) control who can gain root on a certain box only > -> no idea? > > Can anyone help?
a+b are currently implemented in the following project, while c-d are planned for v2 free: http://freeipa.org supported: http://www.redhat.com/enterprise_ipa/ > Once that is solved, I'd like some way of managing ssh public keys. > The LPK patch to openssh looks promising, where ldap keys are looked > up in ldap, but this is not in RHEL. > What do other people use for this? i've always managed keys manually, and i've never heard of trying it with ldap, but that sounds kewl. maybe you could patch freeipa to support the concept. that'd be a nice feature. I went to read up on LPK and found that they directed me to this: http://code.google.com/p/openssh-lpk/ They seems to have some RPMs built on fedora that replace the standard openssh install (not sure how I feel about that personally). I've always handled my keys by hand, and thus <shameless plug>made a simple cli ssh key pushing/pulling utility that I called keploy and put out on http://keploy.googlecode.com</shameless>. -greg _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
