[svlug] Meeting this Wednesday: Speaker? Open discussion?
kevin.dankwardt at gmail.com
Tue Sep 1 13:10:49 PDT 2015
Awesome. I will put the announcement on the SVLUG meetup.
On Tue, Sep 1, 2015 at 12:04 PM, Luke S. Crawford <lsc at prgmr.com> wrote:
> On 08/31/2015 11:13 PM, Rick Moen wrote:
> > Quoting Luke S. Crawford (lsc at prgmr.com):
> >> Yeah, openldap! I could throw together a "how to setup a linux system
> >> to authenticate off openldap" - including both pam, (so you can
> >> authenticate to the linux system itself,) and the OpenSSH-LPK patch so
> >> you can setup your passwordless ssh logins using LDAP, as well as the
> >> apache mod_auth_ldap setup.
> >> I'd have to delay truing my new wheel, and you'd need to settle for not
> >> very good slides, but I could totally have a working howto/walkthrough
> >> done tomorrow evening; I've done this... many times, and am probably
> >> going to do it again this weekend for a friend who is helping me setup a
> >> webapp with django.
> > More than cool. OK, we'll go with that. You probably remember the
> > drill: Ideally, we'll need a title for the talk and a 1-3ish sentence
> > description. Past examples are onhttp://www.svlug.org/prevmeet.php .
> > I was _about_ to say 'I'll just reuse the speaker bio from your last
> > SVLUG talk', but since that was July 2009 and the bio talked about your
> > upcoming book with No Starch Press in Sept. 2009, an update would be
> > really nice, too.
> > When speakers don't give us a topic title, talk description, or bio,
> > SVLUG is obliged to invent them, with uncertain results. ;->
> okay. hm.
> for title:
> OpenLDAP; single sign-on without sharing password hashes.
> "Luke will go over how to setup a linux system to authenticate off
> openldap - including both pam, (so you can authenticate to the linux
> system itself,) the OpenSSH-LPK patch so you can setup your passwordless
> ssh logins using LDAP, as well as the apache mod_auth_ldap setup. Luke
> will also rant about "damn kids" who have to "rewrite the auth stack" -
> and explain how LDAP is "good enough" without being too much work to
> implement. Properly setup, LDAP is as good as kerberos with
> tunneled-cleartext passwords enabled. Not, obviously, as good as
> end-to-end kerberos, but that requires client-side support. Being as I
> have one-day of prep, we're not going to go deep into kerberos used with
> ldap, and I'm going to largely ignore activedirectory."
> If I get time, I'll add slides on mail-routing (mailhub setups are
> pretty nice) and if I'm lucky, Wayne Roth will get me information on
> integrating django with ldap for the kids who think apache-based auth is
> "ugly" but call that a "stretch goal" - good chance I won't get to it.
> For bio:
> "Luke S. Crawford is a long-time computer technician, an author and an
> entrepreneur. With Sarah Newman, he runs prgmr.com, a small company
> that provides Virtual Private Servers to the technically adept, and
> contracting/consulting services to the moneyed.
> With Chris Takemura, he wrote "The Book of Xen." published by No-Starch
> In his role as a contractor, Luke has many years of dealing with LDAP on
> a very diverse set of platforms, from OSX and Solaris to FreeBSD and
> Linux, enabling everything from the traditional company directory to
> mail-routing and authentication services.
> svlug mailing list
> svlug at lists.svlug.org
visit www.kcomputing.com for the best in Linux developer training.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the svlug