[nycbug-talk] FreeIPA
Edward Capriolo
edlinuxguru at gmail.com
Thu May 19 14:03:43 EDT 2011
The last time I was looking at this stuff.. wink wink.. . I found myself
pretty confused as to what (if any?) software worked with IPA. I mean it is
Kerberos so I am guessing you can secure telnet and all the other mostly
useless protocol Kerberos was designed to protect. I guess you can secure
web browsing with kerberos tickets, but again, is that really common?
I ended up with the ssh-public keys in LDAP.
http://code.google.com/p/openssh-lpk/. The reason I chose this was
1) I know LDAP
2) People were comfortable with SSH-KEYS
I still like it as a system actually. As to the IPA stuff, i could not
figure out IF/HOW I could make it work with SSH, and the software stack
needing it's own DNS server to control was a detraction.
Edward
On Thu, May 19, 2011 at 1:37 PM, Pete Wright <pete at nomadlogic.org> wrote:
> On Thu, May 19, 2011 at 11:03:53AM -0400, Mark Saad wrote:
> > Hey Talk
> > I was wondering if anyone has looked into FreeIPA
> > http://freeipa.org/page/About on either Linux or a BSD.
> > I would like to unify some of the services we are using and FreeIPA
> > looks like a good fit. I dont know anyone who has used it and if its
> > worth
> > it or not.
>
> i remember hearing about openipa a little while ago. it looks pretty
> interesting to me :) cobbler/koan was(is?) a RedHat ET project and I
> found that it was well managed and the development was pretty wide open
> so that was great. Can't speak for OpenIPA though, i'd love to hear if
> anyone else has used it too!
>
> -pete
>
>
> --
> Pete Wright
> pete at nomadlogic.org
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20110519/0fd63518/attachment.html>
More information about the talk
mailing list