[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to Confuse SSO

You can install the pam_ldap and nss_ldap RPMs to implement a unified
single password scheme.  If you want to log into one machine and expect to
reconnect without retyping passwords, you'll probably need Kerberos.  If
you simply want a single username/password across a group of machines,
pam_ldap/nss_ldap and OpenLDAP is good enough.

SSL/TLS is not strictly necessary, but you quite well may want it to
protect client to directory communication during password checks.


cody wang said:
> Hi
> I want to set-up Single Sign On (SSO) solution on Redaht Linux. However,
> I have read many web site reference that use different application so I
> am confused which on can be used for SSO?
> Do I need configure all of them? Do I really need Kerberos 5? Do I still
> miss something? Is TLS/SSL nessary for SSO?
> Kerberos 5/Cyrus-sasl/Open LDAP/Berkeley DB/pam_ldap/nss_ldap
> Thanks
> Cody

Alan Sparks, UNIX/Linux Systems Administrator    <asparks@doublesparks.net>