Management of temporary users

Nick Owen nowen at
Wed Feb 7 14:50:58 CET 2007

On 2/7/07, Alan DeKok <aland at> wrote:
> Nick Owen wrote:
> >
> > I am looking for the best way to provision groups of users for temporary
> > access across multiple servers.  The users would be using ssh and sudo.
> > They would be assigned to a group of servers, then removed after the job
> > was complete.   There a hundreds of servers involved.
>   RADIUS may not be a good way to do this, because the users will still
> need UID's, etc., which RADIUS doesn't supply.
> I think we can put the UIDs into our auth server, which supports radius.
I was hoping that the requests would come from the target server to the
freeradius box, which would check to see if that user/group had current
rights to that server, then proxy the auth request to our auth server to
validate the one-time password.

Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
At last, two-factor authentication, without the hassle factor
Now open source:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list