mb02155
Posts: 13
Joined: Sat Dec 15, 2012 10:29 pm

Centralized Passwords for logging in to Pis

Fri Apr 03, 2015 3:55 am

Hello,

I have quite a number of Pis and would like to know if there is a way to have a centrally managed userID/Password database (LDAP?). I generally only care about SSH access - although we do use RDP to a GUI on some of them.

Any detailed suggestions on how to accomplish this?

Thanks!

ktb
Posts: 1447
Joined: Fri Dec 26, 2014 7:53 pm

Re: Centralized Passwords for logging in to Pis

Fri Apr 03, 2015 4:37 am

What type of computer are you using to connect to your Pi's?

It sounds like you want something like Remote Desktop Manager (Windows/OS X). If you're using a Linux box, one option might be Remmina which can save connections (SSH, VNC, RDP) that you can easily open from a centralized list.

Ulric
Posts: 18
Joined: Sun Feb 17, 2013 5:41 pm

Re: Centralized Passwords for logging in to Pis

Fri Apr 03, 2015 8:05 am

mb02155 wrote:Hello,

I have quite a number of Pis and would like to know if there is a way to have a centrally managed userID/Password database (LDAP?). I generally only care about SSH access - although we do use RDP to a GUI on some of them.

Any detailed suggestions on how to accomplish this?

Thanks!
You can use Active Directory to authenticate Linux users. There are several ways of doing this, for example Samba and Winbind.


User avatar
DougieLawson
Posts: 39183
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK
Contact: Website Twitter

Re: Centralized Passwords for logging in to Pis

Fri Apr 03, 2015 10:53 am

Ulric wrote: You can use Active Directory to authenticate Linux users. There are several ways of doing this, for example Samba and Winbind.
That relies on having a Windows Active Directory server running on your network.

The Linux way of doing that stuff is with LDAP.
Note: Any requirement to use a crystal ball or mind reading will result in me ignoring your question.

Criticising any questions is banned on this forum.

Any DMs sent on Twitter will be answered next month.
All non-medical doctors are on my foes list.

AndrewdAzotus
Posts: 83
Joined: Wed Feb 06, 2013 3:07 pm
Location: Canada

Re: Centralized Passwords for logging in to Pis

Fri Apr 03, 2015 8:11 pm

DougieLawson wrote:
Ulric wrote: You can use Active Directory to authenticate Linux users. There are several ways of doing this, for example Samba and Winbind.
That relies on having a Windows Active Directory server running on your network.

The Linux way of doing that stuff is with LDAP.
Or Samba 4 [running on a B], which seems to work well enough to allow a Vista-Business to accept it as an AD DC

User avatar
g7ruh
Posts: 68
Joined: Mon Apr 23, 2012 9:49 am
Location: Blackfield UK

Re: Centralized Passwords for logging in to Pis

Fri Apr 03, 2015 10:57 pm

For windows PCs at this location I use a key file to allow entry of a passphrase. Using putty for ssh you can configure this to use a pre-defined key so you only enter the passphrase. I have a number of pies (????) and this makes life easy.
you need to generate a keyfile and store it in ~/.ssh (hidden directory) in an authorized_keys file (note spelling is the US dialect of the Queen's English).

if you search this topic you will find how to do it, using the clues above.
it saves entering login name and password.

I use the portable apps version of putty so the changes in setup are propagated across my windows PCs. Whatever PC I am using, the settings are the same.

Hope this helps, it certainly works for me, and my fingers 8-)

Roger

Ulric
Posts: 18
Joined: Sun Feb 17, 2013 5:41 pm

Re: Centralized Passwords for logging in to Pis

Sun Apr 05, 2015 8:49 am

DougieLawson wrote:
Ulric wrote: You can use Active Directory to authenticate Linux users. There are several ways of doing this, for example Samba and Winbind.
That relies on having a Windows Active Directory server running on your network.

The Linux way of doing that stuff is with LDAP.
Twenty years ago, I would have considered it reasonable to have different directories for Windows and Linux, but not today. I agree that in a Linux-only environment, a Linux-specific directory is fine, but most places are mixed nowadays, meaning AD is already available, meaning it can be reused for Linux as well.

User avatar
DougieLawson
Posts: 39183
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK
Contact: Website Twitter

Re: Centralized Passwords for logging in to Pis

Sun Apr 05, 2015 8:52 am

LDAP is the universal way. AD is 100% proprietary. I know which I'd choose if I needed the function on my network and it wouldn't be a proprietary solution.
Note: Any requirement to use a crystal ball or mind reading will result in me ignoring your question.

Criticising any questions is banned on this forum.

Any DMs sent on Twitter will be answered next month.
All non-medical doctors are on my foes list.

Return to “General discussion”