home :: FreeBSD :: identities

What are people using for small identity servers at home?

So, on my home network I have:

• a DHCP server
• a web server
• a CIF file server
• an NFS file server
• an rsync backup server
• a network printer
• a mail server

and various other odds and ends.

However, it strikes me that I do not have a small and simple identity server, where I could define user accounts for all of my various devices and OSes (Windows, Mac OS X, FreeBSD, and probably some Linux also).

What do people use? NIS yellow pages? that seems too unixoid and will probably not help with the Windows machines. Some sort of Microsoft Active Directory? Through Samba? that feels too microsofty perhaps. Is there something that bridges the gap? Going beyond my little home network, is there something that would let me be accepted as an OpenId authenticator? Also, something I could use to allow logins into my machines hosted outside of the home network.

Hmmm. Over the years, we have gotten pretty good at doing IP networks, file sharing, printer sharing, web serving, and even web services and the like... but we are still struggling with having some form of simple authentication mechanism standardized. Probably because it is hard to have trust in authentication mechanisms, and especially the quality of the data they contain(*).

Anyway, that's another interesting weekend project.

(*) Perhaps we are setting the bar too high? I do not need strong authentication with non-repudiation and all that jazz... I would like a simple userid/password mechanism that would return something like the old unix uid/gid, but in 64-bit range, and I would like it to be easily integrated with Windows, Unix, and Mac OS X. Hmmm... fuzzy requirements... it's always more complicated than it looks like. What are people using out there? Any solid and usable public domain reference implementations I could look at and implement? Would Radius fit the bill?

/FreeBSD | Posted at 20:36 | permanent link