No they are using NIS / Pam.
-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
Eskimo North Linux Friendly Internet Access, Shell Accounts, and Hosting.
Knowledgeable human assistance, not telephone trees or script readers.
See our web site: http://www.eskimo.com/ (206) 812-0051 or (800) 246-6874.
On Sat, 2 Mar 2019, Nick Couchman wrote:
Date: Sat, 2 Mar 2019 16:02:02 -0500
From: Nick Couchman <[email protected]>
Reply-To: [email protected]
To: [email protected]
Subject: Re: More Fun
On Sat, Mar 2, 2019 at 3:50 PM Robert Dinse <[email protected]> wrote:
If there were an NIS / Unix / Pam authentication module then I'd use
that but I am unwilling to have to have users register yet another password
and I can't get their existing passwords since they are encrypted. And
since all the servers they are going to are already accessible via ssh and
x2go an additional layer of authentication does nothing but inconvenience
the customer. Since it does pass through the real IP in the header, I
should
be able to write fail2ban rules to cover brute force password guessing.
I think someone posted a link a while back to a PAM authentication module
for Guacamole, so that might be an option.
I'm guessing the servers they log into are not configured to authenticate
with LDAP?
-Nick
