IdM Identity Management in Red Hat 6 - setting up

Experts

I need help in understanding exactly what I need.

We have dozens of Red Hat 6 servers. I want to SSH into one server (I'm guessing the IdM server), and then seamlessly be able to log in to (and manage) the other Red Hat servers from this server, without my username and password being prompted for again.

According to these instructions on the Red Hat site, it is relatively simple to set up (I've quoted the article below the link), yet it's 100s of pages long. I'm not interested in any bells and whistles, encrypted SSL connections among servers, or anything. I just want a bare-bones installation and functionality.

How would I accomplish this? Thanks for any help.

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/introduction.html

It has a simple installation process, a unified set of commands, and a clearly defined role in the overall IT infrastructure. An IdM domain is easy to configure, easy to join, and easy to manage, and the functions that it serves — particularly identity/authentication tasks like enterprise-wide single sign-on — are also easier to do with IdM than with a more general-purpose directory service.
Rambl (Systems Admin) Asked:

gheist Commented:
What are you trying to accomplish? IdM is a workalike of Active Directory.
Rambl (Systems Admin, Author) Commented:
I don't want to have to provide username and password to every server I want to make a change on (or administer).

So, let's say we have servers 1 through 40, and I need to check the /etc/ntp.conf - maybe add a timeserver to the configuration file.

I'm wanting to log into a Master server, and then be able to access the other servers seamlessly (on the root level) without getting prompted for the password on each server.
gheist Commented:
root will be local with any network login system.
Rambl (Systems Admin, Author) Commented:
Thank you for your response.

example:

[root@server1]# ssh root@server2
root@server2's password:

[root@server2]#
[root@server2]# exit

[root@server1]# ssh root@server3
root@server3's password:

[root@server3]#
[root@server3]# exit
[root@server1]#

...the behavior I would like is: (when in server1)

[root@server1]# ssh root@server3
[root@server3]#
[root@server3]# exit

[root@server1]# ssh root@server2
[root@server2]#
[root@server2]# exit

[root@server1]#

There wouldn't be any password prompting, except to get into the first server.
gheist Commented:
Very nice it works for you. What is going to happen if your IdM is down, and how do you log into it as root?
Rambl (Systems Admin, Author) Commented:
I was going to configure a multi-master system, for redundancy.
gheist Commented:
SSH agent key forwarding should suffice for dozens of servers.

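An added example, not part of the thread: the asker's task (checking /etc/ntp.conf on many servers) run over SSH with BatchMode=yes, so a host that lacks a working non-interactive login, whether from a forwarded agent key or a Kerberos ticket, is reported instead of prompting for a password. The host names, time.example.com and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. Host names and time.example.com are constructed.
SSH_USER="${SSH_USER:-root}"   # the thread logs in as root; override as needed

# Run one command on one host. BatchMode=yes makes ssh exit 255 instead of
# prompting, so a host without a working key/agent/Kerberos login cannot hang the run.
remote() {
    local host="$1"; shift
    ssh -o BatchMode=yes -o ConnectTimeout=5 "${SSH_USER}@${host}" "$@" </dev/null
}

# Print OK, MISSING, SSHFAIL or ERROR for one host and one NTP server name.
ntp_status() {
    local host="$1" server="$2" pattern rc=0
    # The name ends up inside a remote shell command: accept hostname characters only.
    case "$server" in
        ''|*[!A-Za-z0-9.-]*) echo ERROR; return 2 ;;
    esac
    pattern=$(printf '%s' "$server" | sed 's/\./\\./g')   # dots are literal in the regex
    remote "$host" \
        "grep -Eq '^server[[:space:]]+${pattern}([[:space:]]|\$)' /etc/ntp.conf" || rc=$?
    case "$rc" in
        0)   echo OK ;;        # a matching "server" line exists
        1)   echo MISSING ;;   # grep ran and found no such line
        255) echo SSHFAIL ;;   # ssh itself failed: unreachable or no non-interactive login
        *)   echo ERROR ;;     # anything else, e.g. grep could not read the file
    esac
}

# Audit every host named on stdin (one per line; blank lines and # comments skipped).
audit_hosts() {
    local server="$1" host
    while read -r host; do
        case "$host" in ''|\#*) continue ;; esac
        printf '%s %s\n' "$host" "$(ntp_status "$host" "$server")"
    done
}

# Usage: audit_hosts time.example.com < hosts.txt
```
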
gheist Commented:
Please explain C grade.
Rambl (Systems Admin, Author) Commented:
Because it's not related to the context in which I asked the question. IdM is a type of content management, or has some features that are similar to a centralized server management utility. Its backend is configured using an LDAP server.

This will be the closest thing to an Active Directory layout as I can seem to find, for Linux - except I'm not wanting to import any Active Directory accounts.

I've used SSH agent keys to bypass login plenty of times. But that is not feasible for what I need. Dozens of admins would be using this to access 1000s of servers, hence - Identity Management has the ability to do this. There is a lot of great documentation on it, but that's all it's been. Documentation. It doesn't seem like many have successfully implemented this IdM/LDAP solution. PAM/Kerberos authentication problems have been my biggest pitfall, and creating the Kerberos database.

So, you presented a solution. And it might be fine for many who read this. It's just not the solution that I'm looking for.

Thanks for your input.