authentication against a remote server

To: debian-ssh@lists.debian.org
Subject: authentication against a remote server
From: david manye <dmanye@etse.urv.es>
Date: Mon, 29 Sep 2003 19:36:22 +0200 (MET DST)
Message-id: <[🔎] Pine.GSO.4.05.10309291923490.15514-100000@etse.urv.es>

hello,

in order to let our users to access the servers in our intranet, i've
built a (ssh) server so that users coming from the outside can make ssh
tunnels. there are aprox 25 users and when a new user needs to connect i
simply create an 'empty' account on the tunnelling server (local
accounts).

now i want to do the same, but there are two problems:

 1) the number of users is >> 1000 (creating local accounts could be a
nightmare)
 2) i have no access where the accounts (usernames and passwds) are
stored. but this server serves nis, ftp(-ssl), ssh and samba.

i've thought in using pam+nis to authenticate users but it seems to be
insecure. samba is also insecure (the account serves still uses unciphered
passwds!). so ... there's a way to authenticate a user on a server (the
tunnelling server) against another server (the account server), preferably
using ssh?

any idea?

many thanks.

--------------------------------------

 david manyé i robert
   departament d'enginyeria informàtica i matemàtiques 
   universitat rovira i virgili
 edifici L2 laboratori 114
 avinguda dels països catalans, 26
 campus sescelades
 43007 sant pere i sant pau (tarragona)

 tel: 977-559706
 fax: 977-559710
 e-mail: dmanye@etse.urv.es
         ajuda.deim@etse.urv.es

Reply to:

Prev by Date: Bug#211351: (no subject)
Next by Date: Bug#212117: ssh: init stop/restart action should use --retry
Previous by thread: Bug#211351: (no subject)
Index(es):
- Date
- Thread