[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: group access to servers howto

To: Kent Nasveschuk <Kent.Nasveschuk@fastsearch.com>
Subject: Re: group access to servers howto
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Fri, 5 Jan 2007 12:50:43 +0100
Cc: <heimdal-discuss@sics.se>
In-Reply-To: <42280E48CED0354D9AA754FE8B142C91072C0A82@boses01.ad.fast.no>
References: <42280E48CED0354D9AA754FE8B142C91072C0A82@boses01.ad.fast.no>
Sender: owner-heimdal-discuss@sics.se

> Here is a senario of what I would like to accomplish.
>
> Server system are primarily RedHat Linux and Solaris 10.
> User logs in to server system with his/her krb account, su to a non- 
> priveleged user does some work gets out.
>
> What I want to do is limit user access to particular groups of  
> servers based on a users group affiliation. Example, 6 people  
> belong to group xyz that have access to 10 servers and no others.
>
> Have any ideas on this?
We use PAM and build users list file (/etc/password equivalent) to  
control access to each server.

Kerberos could be used to limit such things, but given that we have  
password based
logins and rsa-key based login too, its not complete.

Love

References:
- group access to servers howto
  - From: "Kent Nasveschuk" <Kent.Nasveschuk@fastsearch.com>

Prev by Date: Re: Failure to accept forwarded credentials casues bailout
Next by Date: heimdal 0.8-rc3
Prev by thread: group access to servers howto
Next by thread: Please do not attack me.
Index(es):
- Date
- Thread