Rambl
 asked on

idM Identity Management in Red Hat 6 - setting up

Experts

I need help in understanding exactly what I need.

We have dozens of Red Hat 6 servers. I want to SSH into one server (I'm guessing the IDM server), and then seamlessly be able to log in to (and manage) the other Red Hat servers from this server, without my username and password being prompted for again.

According to these instructions on the Red Hat site, it is relatively simple to set up (as I've quoted the article I've included below the link), yet it's 100s of pages long. I'm not interested in any bells and whistles, encrypted SSL connections among servers, or anything. I just want a bare-bones installation and functionality.

How would I accomplish this? Thanks for any help.

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/introduction.html

It has a simple installation process, a unified set of commands, and a clearly defined role in the overall IT infrastructure. An IdM domain is easy to configure, easy to join, and easy to manage, and the functions that it serves — particularly identity/authentication tasks like enterprise-wide single sign-on — are also easier to do with IdM than with a more general-purpose directory service.

8/22/2022 - Mon
gheist

What are you trying to accomplish? IdM is a workalike of Active Directory.
Rambl

ASKER
I don't want to have to provide username and password to every server I want to make a change on (or administer).

So, let's say we have servers 1 through 40, and I need to check the /etc/ntp.conf - maybe add a timeserver to the configuration file.

I'm wanting to log into a Master server, and then be able to access the other servers seamlessly (on the root level) without getting prompted for the password on each server.
gheist

root will be local with any network login system.
Rambl

ASKER
Thank you for your response.

example:

[root@server1]# ssh root@server2
root@server2's password:

[root@server2]#
[root@server2]# exit

[root@server1]# ssh root@server3
root@server3's password:

[root@server3]#
[root@server3]# exit
[root@server1]#

...the behavior I would like is: (when in server1)

[root@server1]# ssh root@server3
[root@server3]#
[root@server3]# exit

[root@server1]# ssh root@server2
[root@server2]#
[root@server2]# exit

[root@server1]#

There wouldn't be any password prompting, except to get into the first server.
gheist

Very nice that it works for you. What is going to happen if your IDM is down, and how do you log into it as root?
Rambl

ASKER
I was going to configure a multi-master system, for redundancy.
ASKER CERTIFIED SOLUTION
gheist

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
gheist

Please explain C grade.
Rambl

ASKER
Because it's not related to the context in which I asked the question. idM is a type of content management, or has some features that are similar to a centralized server management utility. Its backend is configured using an LDAP server.

This will be the closest thing to an Active Directory layout as I can seem to find for Linux - except I'm not wanting to import any Active Directory accounts.

I've used ssh agent keys to bypass login plenty of times. But that is not feasible for what I need. Dozens of admins would be using this to access 1000s of servers, hence - Identity Management has the ability to do this. There is a lot of great documentation on it, but that's all it's been. Documentation. It doesn't seem like many have successfully implemented this idM/LDAP solution. PAM/Kerberos authentication problems have been my biggest pitfall, and creating the Kerberos database.

So, you presented a solution. And it might be fine for many who read this. It's just not the solution that I'm looking for.

Thanks for your input.