[TriLUG] security vs. services @ trilug.org

Jon Carnes jonc at nc.rr.com
Thu May 9 10:27:00 EDT 2002


The way things are shaping up with our limited server farm - ordinary users
are going to have access to one server.  That server will basically be their
shell account with limited storage space.  The other functions will all be
run without actual user accounts.  Access will be given to services based on
some form of authentication.

Currently I have setup a system that uses the mailman password and the users
email, to give the users access to certain services.  If we can just keep
the damn servers up - We'll have some services available to give access
*to*!

BTW: just as Tanner finished up the Cyrus email install on Stonesoup (our
new imap server made from contributed parts), the server crashed.  This is
probably a hardware problem - since the server was built from cast off parts
and "spares"...  More details as they become available.

Jon
----- Original Message -----
From: "John F Davis" <johndavi at us.ibm.com>
To: <trilug at trilug.org>
Sent: Thursday, May 09, 2002 10:11 AM
Subject: Re: [TriLUG] security vs. services @ trilug.org


> Hello
>
> err, I would imagine the admin has a account on the box.  I'm assuming the
> admin is the one changing passwords for a user on all boxes.
> I think you (and I hate assuming what others think) is that you meant the
> regular user was going to change their passwords.  I wasn't clear.  I
meant
> the admin changing passwords
> for themselves or other users.
>
> JD
>
> Tanner Lovelace <lovelace at wayfarer.org>@trilug.org on 05/09/2002 10:06:14
> AM
>
> Please respond to trilug at trilug.org
>
> Sent by:    trilug-admin at trilug.org
>
>
> To:    trilug at trilug.org
> cc:
> Subject:    Re: [TriLUG] security vs. services @ trilug.org
>
>
>
> On Thu, 2002-05-09 at 07:26, John F Davis wrote:
> > Hello
> >
> > For what its worth, I can write you an expect script in 5 minutes which
> > will enable you to change passwords on
> > all machines for one user in one step.  I have a similar script which I
> use
> > on my machines.  Its no big deal.
> > You ssh into the machine and change your password just like you would do
> > manually.  Its just that expect does
> > all the typing.  ie. no more risk and less time.
> >
> > JD
>
> John,
>
> That assumes you have a shell account on the machine in question.
> That will not necessarily be the case on the mail machine.  The
> handling of mail accounts and the handling of shell accounts is
> completely divorced from each other.
>
> Tanner
> --
> Tanner Lovelace | lovelace at wayfarer.org | http://wtl.wayfarer.org/
> --*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
> GPG Fingerprint = A66C 8660 924F 5F8C 71DA  BDD0 CE09 4F8E DE76 39D4
> GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
> --*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
>  This would be a very good time to hang out with the Open Source
>  people, before they get formally reclassified as a national security
>  threat. -- Bruce Sterling
>
> _______________________________________________
> TriLUG mailing list
>     http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ:
>     http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
>
>
> _______________________________________________
> TriLUG mailing list
>     http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ:
>     http://www.trilug.org/~lovelace/faq/TriLUG-faq.html




More information about the TriLUG mailing list