OpenTofu
Introduction Origins Why use OpenTofu Using OpenTofu ...
Post tagged: authentication
Tunneling NFS over SSH
This recipe is for tunneling NFS traffic over SSH. This adds encryption and Public Key authentication to otherwise insecure NFS traffic. For this recipe to work, requires NFSv4. Earlier versions were not tested, but I expect not all the functionality to work. server configuration ...
Home Assistant HTTP Based Authentication Backend
This recipe is to authenticate users using a web server providing Basic HTTP authentication for it users. This is useful if you want to consolidate users/passwords in a single system. So instead of managing users on Home Assistant you can have all users managed from a central location. ...
Photoprism
photoprism is a web based photo management application. From its website: PhotoPrism® is an AI-Powered Photos App for the Decentralized Web. It makes use of the latest technologies to tag and find pictures automatically without getting in your way. You can run it at home, ...
nginx's auth_request_module howto
This article tries to supplement the nginx documentations regarding the auth_request module and how to configure it. In my opinion, that documentation is a bit incomplete. What is the nginx's auth_request module The documentation for this module says, it implements client ...
VNC desktop
IDEA: Client connects > < server sends version string (Use 3.3 only) Client replies with actual verison string > < server sends security type; NONE Client send ClientInit (shared flag) > ...
Deploying Kerberos based SSO
This article goes over how to implement Single-Sign-On on Linux. It goes over the integration around the Kerberos service and the applications, like for example FireFox. Pre-requisites ...
Kerberos Client
This simple mini how-to goes over the configuration of a linux system so it can use a Kerberos Realm server for authentication. Make sure you have the pam_krb5 rpm files installed. You can check this by running the rpm -qa | grep pam command and seeing whether the pam_krb5 rpm files are listed. If they aren't, you can typically download them in an update of the Linux or Unix operating system that you are running. ...
Chrome Kerberos Authentication
To config chrome to use kerberos authentication you need to start the application the following parameter: auth-server-whitelist - Allowed FQDN - Set the FQDN of the IdP Server. Example: chrome --auth-server-whitelist="*aai-logon.domain-a.com" auth-negotiate-delegate-whitelist - For which FQDN credential delegation will be allowed. ...
OpenWRT web
Some useful tidbits to use when using the OpenWRT embedded web server (uHTTPD). Embedded Lua uHTTPd supports running Lua in-process, which can speed up Lua CGI scripts. It is unclear whether LuCI supports running in this embedded interpreter. LuCI seems to work fine (if not better) with the embedded ...
Native Kerberos Authentication with SSH
This article is about integrating OpenSSH in a kerberos environment. Allthough OpenSSH can provide passwordless logins (through Public/Private keys), it is not a true SSO set-up. This article makes use of Kerberos TGT service to implement a true SSO configuration for OpenSSH. Pre-requisites First off, you'll need to make sure that the OpenSSH server's Kerberos configuration (in /etc/krb5.conf) is correct and works, and that the server's keytab (typically /etc/krb5.keytab) contains an entry for host/fqdn@REALM (case-sensitive). I won't go into details on how this is done again; instead, I'll refer you to any one of the recent Kerberos-related articles (like this one, this one, or even this one). Just be sure that you can issue a kinit -k host/fqdn@REALM and get back a Kerberos ticket without having specify a password. (This tells you that the keytab is working as expected.) ...
Kerberos howtos
Kerberos is a network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. (Source Kerberos_(protocol) ) Backups Create backup: ...
Git recipes
Sharing repositories setting git email per repository A collection of small useful recipes for using with Git. ...
Page 1 / 1