SQL pass/shadow - Debian

This is a discussion on SQL pass/shadow - Debian ; Hi debian-isp! I am looking for a sql replacement for pam_unix database . It should be mysql auth. mechanism that will allow my users through proftpd, ssh and on vty's . What should i look for ? I've already installed ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: SQL pass/shadow

  1. SQL pass/shadow

    Hi debian-isp!

    I am looking for a sql replacement for pam_unix database .

    It should be mysql auth. mechanism that will allow my users through
    proftpd, ssh and on vty's .

    What should i look for ?

    I've already installed libnss-mysql but it only authenticate users, i
    cant change password etc.


    regards.
    WZ

    --
    Wojciech Ziniewicz
    Unix SEX :{look;gawk;find;sed;talk;grep;touch;finger;find;f l
    ex;unzip;head;tail; mount;workbone;fsck;yes;gasp;fsck;more;yes;yes;eje
    ct;umount;makeclean; zip;split;done;exit:xargs!!}


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  2. Re: SQL pass/shadow

    On Mon, Apr 21, 2008 at 09:18:00PM +0200, Wojciech Ziniewicz wrote:
    > It should be mysql auth. mechanism that will allow my users through
    > proftpd, ssh and on vty's .


    libpam-mysql (since proftpd ssh login use pam)

    > I've already installed libnss-mysql but it only authenticate users, i
    > cant change password etc.


    passwd also uses pam

    (However, last time I used libpam-mysql was many years ago. Obviosly, be
    sure to have a good backup and failover solution fou your mysql server.
    In any case I would never authenticate administrative users against the
    compexities of a sql database)

    --
    Chi usa software non libero avvelena anche te. Digli di smettere.
    Informatica=arsenico: minime dosi in rari casi patologici, altrimenti letale.
    Informatica=bomba: intelligente solo per gli stupidi che ci credono.


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  3. Re: SQL pass/shadow

    On 21.04.08 21:18, Wojciech Ziniewicz wrote:
    > I am looking for a sql replacement for pam_unix database .


    does it really have to be mysql? Many prople use LDAP and many programs
    support LDAP for such usage, which has some dvantages like easy data
    replication etc. (and afaik many MTA's can benefit from LDAP like rejecting
    unknown users even on MX backup servers)

    --
    Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
    Warning: I wish NOT to receive e-mail advertising to this address.
    Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
    "To Boot or not to Boot, that's the question." [WD1270 Caviar]


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  4. Re: SQL pass/shadow

    2008/4/22 Matus UHLAR - fantomas :

    > does it really have to be mysql? Many prople use LDAP and many programs
    > support LDAP for such usage, which has some dvantages like easy data
    > replication etc. (and afaik many MTA's can benefit from LDAP like rejecting
    > unknown users even on MX backup servers)


    Hi - it could be ldap , but I prefer ease of use and simplicity. Ldap
    is more like a big gun for a small problem.

    More or less it could be ANYthing that will let my users log on ssh
    with the same password on every server.

    Any other suggestions ?

    regards.




    --
    Wojciech Ziniewicz
    Unix SEX :{look;gawk;find;sed;talk;grep;touch;finger;find;f l
    ex;unzip;head;tail; mount;workbone;fsck;yes;gasp;fsck;more;yes;yes;eje
    ct;umount;makeclean; zip;split;done;exit:xargs!!}


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  5. Re: SQL pass/shadow

    On Tue, Apr 22, 2008 at 12:08:26PM +0200, Wojciech Ziniewicz wrote:
    > 2008/4/22 Matus UHLAR - fantomas :
    >
    > > does it really have to be mysql? Many prople use LDAP and many programs
    > > support LDAP for such usage, which has some dvantages like easy data
    > > replication etc. (and afaik many MTA's can benefit from LDAP like rejecting
    > > unknown users even on MX backup servers)

    >
    > Hi - it could be ldap , but I prefer ease of use and simplicity. Ldap
    > is more like a big gun for a small problem.
    >
    > More or less it could be ANYthing that will let my users log on ssh
    > with the same password on every server.
    >
    > Any other suggestions ?


    Assuming that all users are common, on all boxen,
    https://secure.mysociety.org/cvstrac...usersync&v=1.6
    and cron, perhaps?


    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

+ Reply to Thread