On Wednesday, July 13, 2022 07:09:33 PM Jeremy Ardley wrote: > I understand that certificate based SSH authentication has problems with > overall security management on a network. Password only has similar > problems.
I'm not sure it has any more problems than ssh public key authentication, maybe even less, but that is part of what I'm trying to learn / determine. > The correct solution seems to be a centrally managed authentication > server but I haven't found any simple guide to implementing that in the > Debian environment. Is there any useful tutorial available? tomas makes one suggestion in a later post to this thread. Another way that I think is along the lines you're talking about is referred to as gssapi (iirc) (at least in some of the man pages), of which Kerberos is one variety (iiuc) -- there are apparently other varieties. I don't plan on digging into that. ;-) -- rhk If you reply: snip, snip, and snip again; leave attributions; avoid top posting; and keep it "on list". (Oxford comma included at no charge.) If you change topics, change the Subject: line. A picture is worth a thousand words -- divide by 10 for each minute of video (or audio) or create a transcript and edit it to 10% of the original.