From dpuryear at puryear-it.com Thu Oct 1 14:54:53 2009 From: dpuryear at puryear-it.com (Dustin Puryear) Date: Thu, 1 Oct 2009 14:54:53 -0500 Subject: [brlug-general] UNIX password sync Message-ID: <43452C495F09D048BF7CE9F96B65688E11235C@sbs.Puryear-IT.local> Hi everyone- We have a UNIX network of 50+ Linux servers plus a few Solaris boxes. We need to keep user accounts and passwords synchronized. This would be easy enough with NIS, NIS+, LDAP, or AD, but there is a requirement that no central directory or database be used. The solution has to be distributed across the servers in question. Does anyone know of a solution, commercial or open source, that can do this? -- Dustin Puryear President and Sr. Consultant Puryear Information Technology, LLC 225-706-8414 x112 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ From jwhite at pncpa.com Thu Oct 1 14:58:14 2009 From: jwhite at pncpa.com (Jarred White) Date: Thu, 1 Oct 2009 14:58:14 -0500 Subject: [brlug-general] UNIX password sync In-Reply-To: <43452C495F09D048BF7CE9F96B65688E11235C@sbs.Puryear-IT.local> References: <43452C495F09D048BF7CE9F96B65688E11235C@sbs.Puryear-IT.local> Message-ID: Can you setup a script that will rsync the passwd files to each machine every minute? -----Original Message----- From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On Behalf Of Dustin Puryear Sent: Thursday, October 01, 2009 2:55 PM To: sage-members at usenix.org Cc: nolug at nolug.org; general at brlug.net Subject: [brlug-general] UNIX password sync Hi everyone- We have a UNIX network of 50+ Linux servers plus a few Solaris boxes. We need to keep user accounts and passwords synchronized. This would be easy enough with NIS, NIS+, LDAP, or AD, but there is a requirement that no central directory or database be used. The solution has to be distributed across the servers in question. Does anyone know of a solution, commercial or open source, that can do this? -- Dustin Puryear President and Sr. Consultant Puryear Information Technology, LLC 225-706-8414 x112 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ _______________________________________________ General mailing list General at brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net ----------------------------------------------------------------------------------------------------- Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice contained in this communication is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties imposed under the Internal Revenue Code. ------------------------------------------------------------------------------------------------------------------ Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client relationships. At P&,, we are committed to keeping your data confidential which is why we are implementing new email encryption software. This software inspects all outbound emails from our firm. Emails that contain attachments will require you to enter a password to download the file. This ensures that your confidential data cannot be read by anyone other than the intended recipient. Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. For our clients and others, there will be a small step to download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few seconds that are required to access the attachment. If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, P& Network Administrator, at 225.922.4600. ===================================================================================================== From dpuryear at puryear-it.com Thu Oct 1 14:58:54 2009 From: dpuryear at puryear-it.com (Dustin Puryear) Date: Thu, 1 Oct 2009 14:58:54 -0500 Subject: [brlug-general] LDAP authentication caching.. Message-ID: <43452C495F09D048BF7CE9F96B65688E11235D@sbs.Puryear-IT.local> Thinking on the earlier email, one thing I've always been curious about is whether there is a caching service for LDAP-based authentication. (Linux nscd caches user information, among other things, but not authentication credentials or yes/no for login.) I'm curious if anyone is aware of a solution that does this, commercial or otherwise. We are a VAR for Centrify, which does this against AD, but I'm not familiar with solutions that use LDAP. I did dig a little about pam_ldap doing this, but I didn't see anything. Maybe I'm missing something. Thanks! -- Dustin Puryear President and Sr. Consultant Puryear Information Technology, LLC 225-706-8414 x112 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ From dpuryear at puryear-it.com Thu Oct 1 15:11:22 2009 From: dpuryear at puryear-it.com (Dustin Puryear) Date: Thu, 1 Oct 2009 15:11:22 -0500 Subject: [brlug-general] UNIX password sync Message-ID: <43452C495F09D048BF7CE9F96B65688E112360@sbs.Puryear-IT.local> Yeah, that was an option. -----Original Message----- From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On Behalf Of Jarred White Sent: Thursday, October 01, 2009 2:58 PM To: general at brlug.net Subject: Re: [brlug-general] UNIX password sync Can you setup a script that will rsync the passwd files to each machine every minute? -----Original Message----- From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On Behalf Of Dustin Puryear Sent: Thursday, October 01, 2009 2:55 PM To: sage-members at usenix.org Cc: nolug at nolug.org; general at brlug.net Subject: [brlug-general] UNIX password sync Hi everyone- We have a UNIX network of 50+ Linux servers plus a few Solaris boxes. We need to keep user accounts and passwords synchronized. This would be easy enough with NIS, NIS+, LDAP, or AD, but there is a requirement that no central directory or database be used. The solution has to be distributed across the servers in question. Does anyone know of a solution, commercial or open source, that can do this? -- Dustin Puryear President and Sr. Consultant Puryear Information Technology, LLC 225-706-8414 x112 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ _______________________________________________ General mailing list General at brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net ------------------------------------------------------------------------ ----------------------------- Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice contained in this communication is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties imposed under the Internal Revenue Code. ------------------------------------------------------------------------ ------------------------------------------ Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client relationships. At P&,, we are committed to keeping your data confidential which is why we are implementing new email encryption software. This software inspects all outbound emails from our firm. Emails that contain attachments will require you to enter a password to download the file. This ensures that your confidential data cannot be read by anyone other than the intended recipient. Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. For our clients and others, there will be a small step to download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few seconds that are required to access the attachment. If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, P& Network Administrator, at 225.922.4600. ======================================================================== ============================= _______________________________________________ General mailing list General at brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net From johnalexhebert at gmail.com Fri Oct 2 15:16:00 2009 From: johnalexhebert at gmail.com (John Hebert) Date: Fri, 2 Oct 2009 15:16:00 -0500 Subject: [brlug-general] UNIX password sync Message-ID: On Fri, Oct 2, 2009 at 12:00 PM, wrote: > > Message: 1 > Date: Thu, 1 Oct 2009 14:54:53 -0500 > From: "Dustin Puryear" > Subject: [brlug-general] UNIX password sync > > Hi everyone- > > We have a UNIX network of 50+ Linux servers plus a few Solaris boxes. We > need to keep user accounts and passwords synchronized. > > This would be easy enough with NIS, NIS+, LDAP, or AD, but there is a > requirement that no central directory or database be used. The solution > has to be distributed across the servers in question. > > Does anyone know of a solution, commercial or open source, that can do > this? > [Distributed peer-to-peer authentication | decentralized trust management] is a Flying Dutchman. Search Google for it; lots of scholarly papers, no implementations. You _could_ disguise one tiny Linux box as a paperweight, make it the Kerberos master KDC, the rest of the boxes slave KDCs and sync the auth DB every so often with a cron job, but that's just silly. John -------- Brak says "Postlethwaite & Netterville! Postlethwaite & Netterville! Postlethwaite & Netterville!" -------------- next part -------------- An HTML attachment was scrubbed... URL: From jwhite at pncpa.com Fri Oct 2 15:38:40 2009 From: jwhite at pncpa.com (Jarred White) Date: Fri, 2 Oct 2009 15:38:40 -0500 Subject: [brlug-general] UNIX password sync In-Reply-To: References: Message-ID: I hate that everyone makes fun of my "signature" :( It's not even a signature. It gets appended by our stupid gateway appliance :\ I HATE YOU ALL AND I'M NEVER COMIN' BACK! lol Postlethwaite & Netterville From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On Behalf Of John Hebert Sent: Friday, October 02, 2009 3:16 PM To: general at brlug.net Subject: Re: [brlug-general] UNIX password sync On Fri, Oct 2, 2009 at 12:00 PM, wrote: Message: 1 Date: Thu, 1 Oct 2009 14:54:53 -0500 From: "Dustin Puryear" Subject: [brlug-general] UNIX password sync Hi everyone- We have a UNIX network of 50+ Linux servers plus a few Solaris boxes. We need to keep user accounts and passwords synchronized. This would be easy enough with NIS, NIS+, LDAP, or AD, but there is a requirement that no central directory or database be used. The solution has to be distributed across the servers in question. Does anyone know of a solution, commercial or open source, that can do this? [Distributed peer-to-peer authentication | decentralized trust management] is a Flying Dutchman. Search Google for it; lots of scholarly papers, no implementations. You _could_ disguise one tiny Linux box as a paperweight, make it the Kerberos master KDC, the rest of the boxes slave KDCs and sync the auth DB every so often with a cron job, but that's just silly. John -------- Brak says "Postlethwaite & Netterville! Postlethwaite & Netterville! Postlethwaite & Netterville!" ----------------------------------------------------------------------------------------------------- Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice contained in this communication is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties imposed under the Internal Revenue Code. ------------------------------------------------------------------------------------------------------------------ Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client relationships. At P&,, we are committed to keeping your data confidential which is why we are implementing new email encryption software. This software inspects all outbound emails from our firm. Emails that contain attachments will require you to enter a password to download the file. This ensures that your confidential data cannot be read by anyone other than the intended recipient. Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. For our clients and others, there will be a small step to download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few seconds that are required to access the attachment. If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, P& Network Administrator, at 225.922.4600. ===================================================================================================== -------------- next part -------------- An HTML attachment was scrubbed... URL: From MarkL at lmfj.com Fri Oct 2 15:44:27 2009 From: MarkL at lmfj.com (Mark A. Lappin) Date: Fri, 2 Oct 2009 15:44:27 -0500 Subject: [brlug-general] UNIX password sync In-Reply-To: References: Message-ID: <0227B653B3DC82438B8291BC5218612F663B28BC3D@lmfjex07.lmfj.com> > I hate that everyone makes fun of my "signature" :( > It's not even a signature. It gets appended by our stupid gateway appliance :\ At least it does not attempt to append an animated GIF which sits on a web server outside somewhere; I can't stand that....oh wait, NM! > I HATE YOU ALL AND I'M NEVER COMIN' BACK! ....empty threats Mark A. Lappin, CCNA, MCSE:Security | Lee Michaels Fine Jewelry Director of Information Technology 11314 Cloverland Ave | Baton Rouge, LA 70809 Ph: 225.291.9094 ext 245 | Fax: 225-291-5778 | Mobile: 225-362-2770 www.lmfj.com [http://www.lmfj.com/images/lmfjsig.gif] ________________________________ This communication is privileged and confidential. If you are not the intended recipient, please notify the sender by reply e-mail and destroy all copies of this communication . -------------- next part -------------- An HTML attachment was scrubbed... URL: From jwhite at pncpa.com Fri Oct 2 15:45:45 2009 From: jwhite at pncpa.com (Jarred White) Date: Fri, 2 Oct 2009 15:45:45 -0500 Subject: [brlug-general] UNIX password sync In-Reply-To: <0227B653B3DC82438B8291BC5218612F663B28BC3D@lmfjex07.lmfj.com> References: <0227B653B3DC82438B8291BC5218612F663B28BC3D@lmfjex07.lmfj.com> Message-ID: True, Mark. Very true. From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On Behalf Of Mark A. Lappin Sent: Friday, October 02, 2009 3:44 PM To: 'general at brlug.net' Subject: Re: [brlug-general] UNIX password sync > I hate that everyone makes fun of my "signature" :( > It's not even a signature. It gets appended by our stupid gateway appliance :\ At least it does not attempt to append an animated GIF which sits on a web server outside somewhere; I can't stand that....oh wait, NM! > I HATE YOU ALL AND I'M NEVER COMIN' BACK! ....empty threats Mark A. Lappin, CCNA, MCSE:Security | Lee Michaels Fine Jewelry Director of Information Technology 11314 Cloverland Ave | Baton Rouge, LA 70809 Ph: 225.291.9094 ext 245 | Fax: 225-291-5778 | Mobile: 225-362-2770 www.lmfj.com ________________________________ This communication is privileged and confidential. If you are not the intended recipient, please notify the sender by reply e-mail and destroy all copies of this communication . ----------------------------------------------------------------------------------------------------- Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice contained in this communication is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties imposed under the Internal Revenue Code. ------------------------------------------------------------------------------------------------------------------ Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client relationships. At P&,, we are committed to keeping your data confidential which is why we are implementing new email encryption software. This software inspects all outbound emails from our firm. Emails that contain attachments will require you to enter a password to download the file. This ensures that your confidential data cannot be read by anyone other than the intended recipient. Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. For our clients and others, there will be a small step to download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few seconds that are required to access the attachment. If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, P& Network Administrator, at 225.922.4600. ===================================================================================================== -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/jpeg Size: 823 bytes Desc: ~WRD000.jpg URL: From karthik at poobal.net Fri Oct 2 16:00:38 2009 From: karthik at poobal.net (Karthik Poobalasubramanian) Date: Fri, 2 Oct 2009 16:00:38 -0500 Subject: [brlug-general] UNIX password sync In-Reply-To: References: Message-ID: <480CA799-5BE3-43B4-A950-7127125B2CB2@poobal.net> > I hate that everyone makes fun of my ?signature? :( At least, your emails don't get classified as spam because of our last name. > > It?s not even a signature. It gets appended by our stupid gateway > appliance :\ gmail. Just saying. -- Karthik Poobalasubramanian Louisiana Board of Regents karthik at poobal.net karthik at la.gov (225) 341-5855 skype: poobal On Oct 2, 2009, at 3:38 PM, Jarred White wrote: > > > > > > lol Postlethwaite & Netterville > > From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] > On Behalf Of John Hebert > Sent: Friday, October 02, 2009 3:16 PM > To: general at brlug.net > Subject: Re: [brlug-general] UNIX password sync > > On Fri, Oct 2, 2009 at 12:00 PM, wrote: > Message: 1 > Date: Thu, 1 Oct 2009 14:54:53 -0500 > From: "Dustin Puryear" > Subject: [brlug-general] UNIX password sync > > Hi everyone- > > We have a UNIX network of 50+ Linux servers plus a few Solaris > boxes. We > need to keep user accounts and passwords synchronized. > > This would be easy enough with NIS, NIS+, LDAP, or AD, but there is a > requirement that no central directory or database be used. The > solution > has to be distributed across the servers in question. > > Does anyone know of a solution, commercial or open source, that can do > this? > > [Distributed peer-to-peer authentication | decentralized trust > management] is a Flying Dutchman. Search Google for it; lots of > scholarly papers, no implementations. > > You _could_ disguise one tiny Linux box as a paperweight, make it > the Kerberos master KDC, the rest of the boxes slave KDCs and sync > the auth DB every so often with a cron job, but that's just silly. > > John > > -------- > Brak says "Postlethwaite & Netterville! Postlethwaite & Netterville! > Postlethwaite & Netterville!" > > ----------------------------------------------------------------------------------------------------- > Pursuant to IRS Circular 230 and IRS regulations we inform you that > any federal tax advice > contained in this communication is not intended or written to be > used, and cannot be used, > for the purpose of avoiding penalties imposed under the Internal > Revenue Code. > > ------------------------------------------------------------------------------------------------------------------ > Postlethwaite & Netterville Implements New Email Encryption Software > to Further Protect Confidential Data > > Confidentiality is a hallmark of the accounting profession and it is > of the utmost importance to our client > relationships. At P&N, we are committed to keeping your data > confidential which is why we are implementing > new email encryption software. This software inspects all outbound > emails from our firm. Emails that > contain attachments will require you to enter a password to download > the file. This ensures that your > confidential data cannot be read by anyone other than the intended > recipient. > > Emails with attachments will include a link to a secure web server. > Click on the link to download the attachment. > The first time you receive a secure email from the firm you will be > required to setup a password. This will > be your password to access future attachments. For our clients and > others, there will be a small step to > download the encrypted files; however, we believe the added > confidentiality benefits far outweigh the few > seconds that are required to access the attachment. > > If you have questions regarding this new process or if you forget > your password, please contact Jessica Aymond, > P&N Network Administrator, at 225.922.4600. > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > = > ====================================================================== > > > _______________________________________________ > General mailing list > General at brlug.net > http://mail.brlug.net/mailman/listinfo/general_brlug.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From jwhite at pncpa.com Fri Oct 2 16:11:34 2009 From: jwhite at pncpa.com (Jarred White) Date: Fri, 2 Oct 2009 16:11:34 -0500 Subject: [brlug-general] UNIX password sync In-Reply-To: <480CA799-5BE3-43B4-A950-7127125B2CB2@poobal.net> References: <480CA799-5BE3-43B4-A950-7127125B2CB2@poobal.net> Message-ID: Blocked by websense. ...just sayin'. From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On Behalf Of Karthik Poobalasubramanian Sent: Friday, October 02, 2009 4:01 PM To: general at brlug.net Subject: Re: [brlug-general] UNIX password sync I hate that everyone makes fun of my "signature" :( At least, your emails don't get classified as spam because of our last name. It's not even a signature. It gets appended by our stupid gateway appliance :\ gmail. Just saying. -- Karthik Poobalasubramanian Louisiana Board of Regents karthik at poobal.net karthik at la.gov (225) 341-5855 skype: poobal On Oct 2, 2009, at 3:38 PM, Jarred White wrote: lol Postlethwaite & Netterville From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On Behalf Of John Hebert Sent: Friday, October 02, 2009 3:16 PM To: general at brlug.net Subject: Re: [brlug-general] UNIX password sync On Fri, Oct 2, 2009 at 12:00 PM, wrote: Message: 1 Date: Thu, 1 Oct 2009 14:54:53 -0500 From: "Dustin Puryear" Subject: [brlug-general] UNIX password sync Hi everyone- We have a UNIX network of 50+ Linux servers plus a few Solaris boxes. We need to keep user accounts and passwords synchronized. This would be easy enough with NIS, NIS+, LDAP, or AD, but there is a requirement that no central directory or database be used. The solution has to be distributed across the servers in question. Does anyone know of a solution, commercial or open source, that can do this? [Distributed peer-to-peer authentication | decentralized trust management] is a Flying Dutchman. Search Google for it; lots of scholarly papers, no implementations. You _could_ disguise one tiny Linux box as a paperweight, make it the Kerberos master KDC, the rest of the boxes slave KDCs and sync the auth DB every so often with a cron job, but that's just silly. John -------- Brak says "Postlethwaite & Netterville! Postlethwaite & Netterville! Postlethwaite & Netterville!" ------------------------------------------------------------------------ ----------------------------- Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice contained in this communication is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties imposed under the Internal Revenue Code. ------------------------------------------------------------------------ ------------------------------------------ Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client relationships. At P&N, we are committed to keeping your data confidential which is why we are implementing new email encryption software. This software inspects all outbound emails from our firm. Emails that contain attachments will require you to enter a password to download the file. This ensures that your confidential data cannot be read by anyone other than the intended recipient. Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. For our clients and others, there will be a small step to download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few seconds that are required to access the attachment. If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, P&N Network Administrator, at 225.922.4600. ======================================================================== ============================= _______________________________________________ General mailing list General at brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net ----------------------------------------------------------------------------------------------------- Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice contained in this communication is not intended or written to be used, and cannot be used, for the purpose of avoiding penalties imposed under the Internal Revenue Code. ------------------------------------------------------------------------------------------------------------------ Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client relationships. At P&,, we are committed to keeping your data confidential which is why we are implementing new email encryption software. This software inspects all outbound emails from our firm. Emails that contain attachments will require you to enter a password to download the file. This ensures that your confidential data cannot be read by anyone other than the intended recipient. Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. The first time you receive a secure email from the firm you will be required to setup a password. This will be your password to access future attachments. For our clients and others, there will be a small step to download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few seconds that are required to access the attachment. If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, P& Network Administrator, at 225.922.4600. ===================================================================================================== -------------- next part -------------- An HTML attachment was scrubbed... URL: From john.brady.love at gmail.com Fri Oct 2 16:57:55 2009 From: john.brady.love at gmail.com (Johnny Love) Date: Fri, 02 Oct 2009 16:57:55 -0500 Subject: [brlug-general] UNIX password sync In-Reply-To: References: <480CA799-5BE3-43B4-A950-7127125B2CB2@poobal.net> Message-ID: <4AC67763.9090007@gmail.com> Since you are totally incapable of getting around that... Jarred White wrote: > > Blocked by websense. > > ?just sayin?. > > *From:* general-bounces at brlug.net [mailto:general-bounces at brlug.net] > *On Behalf Of *Karthik Poobalasubramanian > *Sent:* Friday, October 02, 2009 4:01 PM > *To:* general at brlug.net > *Subject:* Re: [brlug-general] UNIX password sync > > I hate that everyone makes fun of my ?signature? :( > > At least, your emails don't get classified as spam because of our last > name. > > > > It?s not even a signature. It gets appended by our stupid gateway > appliance :\ > > gmail. Just saying. > > -- > > Karthik Poobalasubramanian > Louisiana Board of Regents > karthik at poobal.net > karthik at la.gov > (225) 341-5855 > skype: poobal > > On Oct 2, 2009, at 3:38 PM, Jarred White wrote: > > > > lol Postlethwaite & Netterville > > *From:* general-bounces at brlug.net > [mailto:general-bounces at brlug.net] *On Behalf Of *John Hebert > *Sent:* Friday, October 02, 2009 3:16 PM > *To:* general at brlug.net > *Subject:* Re: [brlug-general] UNIX password sync > > On Fri, Oct 2, 2009 at 12:00 PM, > wrote: > > Message: 1 > Date: Thu, 1 Oct 2009 14:54:53 -0500 > From: "Dustin Puryear" > > Subject: [brlug-general] UNIX password sync > > Hi everyone- > > We have a UNIX network of 50+ Linux servers plus a few Solaris boxes. We > need to keep user accounts and passwords synchronized. > > This would be easy enough with NIS, NIS+, LDAP, or AD, but there is a > requirement that no central directory or database be used. The solution > has to be distributed across the servers in question. > > Does anyone know of a solution, commercial or open source, that can do > this? > > [Distributed peer-to-peer authentication | decentralized trust > management] is a Flying Dutchman. Search Google for it; lots of > scholarly papers, no implementations. > > You _could_ disguise one tiny Linux box as a paperweight, make it the > Kerberos master KDC, the rest of the boxes slave KDCs and sync the > auth DB every so often with a cron job, but that's just silly. > > John > > -------- > > Brak says "Postlethwaite & Netterville! Postlethwaite & Netterville! > Postlethwaite & Netterville!" > > ----------------------------------------------------------------------------------------------------- > Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice > contained in this communication is not intended or written to be used, and cannot be used, > for the purpose of avoiding penalties imposed under the Internal Revenue Code. > > ------------------------------------------------------------------------------------------------------------------ > Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data > > Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client > relationships. At P&N, we are committed to keeping your data confidential which is why we are implementing > new email encryption software. This software inspects all outbound emails from our firm. Emails that > contain attachments will require you to enter a password to download the file. This ensures that your > confidential data cannot be read by anyone other than the intended recipient. > > Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. > The first time you receive a secure email from the firm you will be required to setup a password. This will > be your password to access future attachments. For our clients and others, there will be a small step to > download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few > seconds that are required to access the attachment. > > If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, > P&N Network Administrator, at 225.922.4600. > ===================================================================================================== > > > _______________________________________________ > General mailing list > General at brlug.net > http://mail.brlug.net/mailman/listinfo/general_brlug.net > > ----------------------------------------------------------------------------------------------------- > Pursuant to IRS Circular 230 and IRS regulations we inform you that any federal tax advice > contained in this communication is not intended or written to be used, and cannot be used, > for the purpose of avoiding penalties imposed under the Internal Revenue Code. > > ------------------------------------------------------------------------------------------------------------------ > Postlethwaite & Netterville Implements New Email Encryption Software to Further Protect Confidential Data > > Confidentiality is a hallmark of the accounting profession and it is of the utmost importance to our client > relationships. At P&N, we are committed to keeping your data confidential which is why we are implementing > new email encryption software. This software inspects all outbound emails from our firm. Emails that > contain attachments will require you to enter a password to download the file. This ensures that your > confidential data cannot be read by anyone other than the intended recipient. > > Emails with attachments will include a link to a secure web server. Click on the link to download the attachment. > The first time you receive a secure email from the firm you will be required to setup a password. This will > be your password to access future attachments. For our clients and others, there will be a small step to > download the encrypted files; however, we believe the added confidentiality benefits far outweigh the few > seconds that are required to access the attachment. > > If you have questions regarding this new process or if you forget your password, please contact Jessica Aymond, > P&N Network Administrator, at 225.922.4600. > ===================================================================================================== > > > ------------------------------------------------------------------------ > > _______________________________________________ > General mailing list > General at brlug.net > http://mail.brlug.net/mailman/listinfo/general_brlug.net > From eac at motion-labs.com Thu Oct 8 12:12:00 2009 From: eac at motion-labs.com (Edmund Cramp) Date: Thu, 08 Oct 2009 12:12:00 -0500 Subject: [brlug-general] Keyboard interface Message-ID: <77e6f8e3.1ca483a.2f6a4641.74ad@motion-labs.com> I need a hardware solution - preferably off the shelf. I used something like this 15 years ago and have no idea if anyone still makes them - any ideas? **** I need to be able to generate a TTL signal when the "Enter" or key is pressed on a PC keyboard. I used a box to do this (a long time ago) which plugged into the keyboard cable (old IBM, non-usb DIN type) between the keyboard and the PC and was powered by the PC. The box generated a TTL signal when any key was pressed. **** The background to this is that I have to start a data collection by two standalone PC's at the same time - one of the applications is completely self-contained with no analog control facilities at all, but the other application can be started via a TTL signal. I know keyboard interface boxes that do this sort of thing existed once (back before the world went gui on me) and I could probably build one from scratch if the customer wanted to pay and I had the time. And I realize the "at the same time" has a significant error attached to it no matter how it's done - I just want to eliminate the user error. Regards, Edmund Cramp -- I hate leaving my house confident and looking good and then not seeing anyone of importance the entire day. What a waste. From dpuryear at puryear-it.com Thu Oct 8 13:26:05 2009 From: dpuryear at puryear-it.com (Dustin Puryear) Date: Thu, 8 Oct 2009 13:26:05 -0500 Subject: [brlug-general] Keyboard interface Message-ID: <43452C495F09D048BF7CE9F96B65688E112413@sbs.Puryear-IT.local> Just do this with Java.. *bad joke* -----Original Message----- From: general-bounces at brlug.net [mailto:general-bounces at brlug.net] On Behalf Of Edmund Cramp Sent: Thursday, October 08, 2009 12:12 PM To: 'general at brlug.net' Subject: [brlug-general] Keyboard interface I need a hardware solution - preferably off the shelf. I used something like this 15 years ago and have no idea if anyone still makes them - any ideas? **** I need to be able to generate a TTL signal when the "Enter" or key is pressed on a PC keyboard. I used a box to do this (a long time ago) which plugged into the keyboard cable (old IBM, non-usb DIN type) between the keyboard and the PC and was powered by the PC. The box generated a TTL signal when any key was pressed. **** The background to this is that I have to start a data collection by two standalone PC's at the same time - one of the applications is completely self-contained with no analog control facilities at all, but the other application can be started via a TTL signal. I know keyboard interface boxes that do this sort of thing existed once (back before the world went gui on me) and I could probably build one from scratch if the customer wanted to pay and I had the time. And I realize the "at the same time" has a significant error attached to it no matter how it's done - I just want to eliminate the user error. Regards, Edmund Cramp -- I hate leaving my house confident and looking good and then not seeing anyone of importance the entire day. What a waste. _______________________________________________ General mailing list General at brlug.net http://mail.brlug.net/mailman/listinfo/general_brlug.net From john_re at fastmail.us Sun Oct 18 02:13:29 2009 From: john_re at fastmail.us (john_re) Date: Sun, 18 Oct 2009 00:13:29 -0700 Subject: [brlug-general] Sunday 18th 12N-3P PDST Global Linux Mtg - BerkeleyTIP - for forwarding Message-ID: <1255850009.5251.1340648915@webmail.messagingengine.com> Join the global Free SW HW & Culture meeting online via VOIP & IRC. Sunday Oct 18, 12N-3P Pacific Daylight Savings Time (UTC-8), 3P-6P Eastern, (7P-10P UTC?) http://sites.google.com/site/berkeleytip/remote-attendance Or, come to the UCBerkeley Free Speech Cafe. Discuss the videos, work on your own projects & share them with others, & help work on the group projects. Get a VOIP headset, & join the #berkeleytip channel on irc.freenode.net We'll help you install VOIP client SW, & join the global meeting. Join with the meeting from your home via VOIP, or create a local meeting at your local college wifi cafe. http://sites.google.com/site/berkeleytip/schedule I finally got some posters up around campus. :) ===== Talk/Video October: Open Source-and-Mac Other OSs http://www.eweek.com/c/a/Linux-and-Open-Source/OpenSource-and-Mac-Alternatives-to-Windows-7-649233/ http://sites.google.com/site/berkeleytip/talk-videos ===== Some Topics for discussion: How get better WiFi at FSC - talk to UCB net services? FreeSwitch install on UCB box KUbuntu 9.10 out this month Plan for a UCB installfest - leaders, helpers, announcements Flyers post throughout campus beginning November? SSL & OpenVPN on UCB box ===== Join the mailing lists & say hi, tell us what you are interested in. http://groups.google.com/group/BerkTIPGlobal You are invited to forward this message anywhere it would be welcomed. :) From dpuryear at puryear-it.com Thu Oct 29 15:36:38 2009 From: dpuryear at puryear-it.com (Dustin Puryear) Date: Thu, 29 Oct 2009 15:36:38 -0500 Subject: [brlug-general] Looking for VMware ESX contractors Message-ID: <43452C495F09D048BF7CE9F96B65688E1126B3@sbs.Puryear-IT.local> Hi everyone- If you contract out for VMware ESX (VC, VMotion, etc) work, please contact me at dustin at puryear-it.com. We sometimes need some additional assistance. Send your experience and hourly rate. -- Dustin Puryear President and Sr. Consultant Puryear Information Technology, LLC 225-706-8414 x112 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/