Random sysadmin gripe: we need a better way to manage "persistent machine credentials" rather than just "stuff a password somewhere in /etc and chmod 600". Like having a way for root to use samba's domain-bind "computer account" credentials to authenticate to things like log aggregation servers or shared NFSv3 mounts. (Specifically for authenticating "as" the computer, rather than sharing a service account password across all machines, or creating a new service account for all machines. For hosting things not tied to a given box, I'd still use the shared service account model)
=> More informations about this toot | More toots from becomethewaifu@tech.lgbt
@becomethewaifu MUNGE?
https://dun.github.io/munge/
This is what seemed to be the go-to auth system when I was doing SLURM work years ago.
=> More informations about this toot | More toots from azonenberg@ioc.exchange This content has been proxied by September (ba2dc).Proxy Information
text/gemini