Management of temporary users
Nick Owen
nowen at wikidsystems.com
Wed Feb 7 14:50:58 CET 2007
On 2/7/07, Alan DeKok <aland at deployingradius.com> wrote:
>
> Nick Owen wrote:
> >
> > I am looking for the best way to provision groups of users for temporary
> > access across multiple servers. The users would be using ssh and sudo.
> > They would be assigned to a group of servers, then removed after the job
> > was complete. There a hundreds of servers involved.
>
> RADIUS may not be a good way to do this, because the users will still
> need UID's, etc., which RADIUS doesn't supply.
>
> I think we can put the UIDs into our auth server, which supports radius.
I was hoping that the requests would come from the target server to the
freeradius box, which would check to see if that user/group had current
rights to that server, then proxy the auth request to our auth server to
validate the one-time password.
--
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http://www.wikidsystems.com
At last, two-factor authentication, without the hassle factor
Now open source: http://sourceforge.net/projects/wikid-twofactor/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070207/84c62382/attachment.html>
More information about the Freeradius-Users
mailing list