Idea for a spec

Carl K carl at
Fri Jun 2 01:06:55 UTC 2006

Alex Mauer wrote:
> Etienne Goyer wrote:
>> More concretely, it would involve (on the "master" side) :
>> - Setting up an LDAP directory, mostly for user authentication and NSS
>> - Setting up a DNS zone for the domain
>> - Generate a root CA, and a certificate for the master
>> - Generate a ssh authentication key pair
>> - Setting up a monitoring system
>>  ... etc
>> When a "client" is added to the "domain", it would involve :
>> - Adding the client in the domain's DNS zone
>> - Generate a certificate for this client, and send it to the client
>> - Make PAM and NSS on the client use the LDAP directory
>> - Install root's ssh public key in the client's authorized_keys file
>> - Install on the client any agent required by the monitoring service
>>  ... and so on
> I'd just like to mention that I'd like to see kerberos added to to this
> basic setup; use ldap for NSS and Kerberos for authentication.  I'd also
> be interested in participating in this project in any way possible.
time for a wiki page.   fire it up.

More information about the ubuntu-server mailing list