[Date Prev][Date Next]
Re: How to Confuse SSO
You can install the pam_ldap and nss_ldap RPMs to implement a unified
single password scheme. If you want to log into one machine and expect to
reconnect without retyping passwords, you'll probably need Kerberos. If
you simply want a single username/password across a group of machines,
pam_ldap/nss_ldap and OpenLDAP is good enough.
SSL/TLS is not strictly necessary, but you quite well may want it to
protect client to directory communication during password checks.
cody wang said:
> I want to set-up Single Sign On (SSO) solution on Redaht Linux. However,
> I have read many web site reference that use different application so I
> am confused which on can be used for SSO?
> Do I need configure all of them? Do I really need Kerberos 5? Do I still
> miss something? Is TLS/SSL nessary for SSO?
> Kerberos 5/Cyrus-sasl/Open LDAP/Berkeley DB/pam_ldap/nss_ldap
Alan Sparks, UNIX/Linux Systems Administrator <email@example.com>