SSO with Active Directory

Providing SSO by integrating Linux (or FreeBSD) with a directory service, like Microsoft Active Directory (AD), is nowhere near as daunting as it once was, and highlights some fascinating subsystems that enable users to be defined from a variety of data sources (such as LDAP) other than just the traditional /etc/passwd file.

Contents: Initial setup; Kerberos; Create service keytab on AD; System Security Services Daemon (sssd); Name Service Switch (nss); PAM (Pluggable Authentication Module); Testing; Listing Users; Listing Groups; id; Troubleshooting; Samba (smbd) Join Issues; Clock Synchronisation Issues; Clearing SSSD Cache; End to end script (for Ansible)

Initial setup

Update /etc/resolv.conf to point to the AD DNS server. This will enable realmd to discover and join the Active Directory domain (i.e. Kerberos realm). ...

January 4, 2019 · 9 min

GnuPG

This semester I have enrolled in a security unit at my local university. Before we get into the mechanics of modern security techniques (mathematical theory, ciphers, protocols, hashing, Kerberos), the first lecture kicked off with a gentle overview of PKI and the basics of using the GNU Privacy Guard, aka GnuPG or GPG for short. In short, it is a complete and free implementation of the OpenPGP standard. Generate a key pair: ...

March 2, 2008 · 3 min