I have a homelab that is growing larger and larger, and I am learning more and more every day. I was wondering if it is possible to manage all of my users from one server, so I don't have to create a new root and normal user with sudo access each time I spin up another VM, and can easily create a new user, reset a password, etc.?
4 Answers
You can manage your users using an LDAP server; look at FreeIPA: https://www.freeipa.org/page/Main_Page
There are a variety of central user management techniques available in Linux: LDAP, NIS, and Kerberos are the oldest and probably the best documented and debugged. All of those are going to require a master-slave setup to maintain semi-reliably, and replication can be arduous to configure.
Rather than pull your hair out that much when trying to simplify your life, I'd suggest using Ansible. You can get started without creating any infrastructure other than SSH keys. Ansible has a user module for managing users, but it also allows you to configure everything else. Maybe you want to have all of your servers using the same name servers: add a little more Ansible. Maybe you want all of your servers to display a helpful /etc/motd: then Ansible can help again. The opportunities for saving yourself repeated work go on and on and go much further than keeping your users in sync.
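A playbook for the Ansible approach described in the answer above, added here as an example and not written by the answerer. The inventory group `homelab`, the accounts `alice` and `bob`, the file `keys/alice.pub` and the vaulted variable `vault_alice_hash` are all assumed names.

```yaml
# users.yml (added example). Run: ansible-playbook -i inventory.ini users.yml
# Assumed names: group "homelab", accounts alice/bob, keys/alice.pub on the
# control node, vault_alice_hash in an ansible-vault encrypted vars file
# (a crypt(3) password hash, never plaintext). Needs the ansible.posix collection.
- name: Keep local accounts identical on every VM
  hosts: homelab
  become: true
  vars:
    lab_users:
      - name: alice
        state: present
        sudo: true
        password_hash: "{{ vault_alice_hash }}"   # change and re-run to reset
        pubkey: "{{ lookup('file', 'keys/alice.pub') }}"
      - name: bob          # offboarded: removed from every host on next run
        state: absent
  tasks:
    - name: Create, update or remove accounts
      ansible.builtin.user:
        name: "{{ item.name }}"
        state: "{{ item.state }}"
        password: "{{ item.password_hash | default(omit) }}"
        remove: "{{ item.state == 'absent' }}"    # also delete the home directory
      loop: "{{ lab_users }}"
      no_log: true                                # keep hashes out of the run output
    - name: Install SSH public keys and drop any others
      ansible.posix.authorized_key:
        user: "{{ item.name }}"
        key: "{{ item.pubkey }}"
        exclusive: true
      loop: "{{ lab_users }}"
      when: item.state == 'present'
    - name: Grant sudo through a drop-in that visudo checks before install
      ansible.builtin.copy:
        dest: "/etc/sudoers.d/90-{{ item.name }}"
        content: "{{ item.name }} ALL=(ALL) ALL\n"
        owner: root
        group: root
        mode: "0440"
        validate: /usr/sbin/visudo -csf %s
      loop: "{{ lab_users }}"
      when: item.state == 'present' and item.sudo | default(false)
    - name: Remove sudo drop-ins of deleted accounts
      ansible.builtin.file:
        path: "/etc/sudoers.d/90-{{ item.name }}"
        state: absent
      loop: "{{ lab_users }}"
      when: item.state == 'absent'
```

Because the sudoers rule is not `NOPASSWD`, a user without a `password_hash` can log in by key but cannot use sudo until a hash is set.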
Using OpenLDAP is a good idea... It's used almost everywhere, and you can even use LDAP to:
- store your sudo configuration; check what the sudo documentation says about sudoers LDAP (http://www.sudo.ws/man/1.8.14/sudoers.ldap.man.html)
- store your OpenSSH authorized_keys; for more information you can check this post: SSH key authentication using LDAP
cheers, Julian
If your network is reasonably protected, using NIS is very simple to manage. NIS itself isn't very secure, but the setup is not at all complicated. I would also suggest exporting the home directories to all the other machines via NFS from the same server.
I've had several labs at work with the NIS/NFS setup and I can add, replace or upgrade machines and the users just log on like nothing ever changed - all their configs and files just show up no matter what machine they use.