I have a single cpu/auth/dns/dhcp/tftp/file server. and a raspberry pi terminal.
The obvious change would be to add a seperate raspberry pi as an auth server, booting off its own sdcard (if memory serves, the auth server needs to be up first). If I were to do this I would probably make it backup its flash card to an external flash card in a usb adapter every night or so (if there are changes) to give it some protection. This would mean there is really only one system to maintain, the auth server's, and this static except for /sys/log and /adm on password changes. -Steve
