Hello,
I have a Linux box with RHEL4 running on it. The box is meant to be on the DMZ. There is a directory on the box that will be remotely from time to time and I want a form of authentication on it.
Presently, I have configured Basic authentication with apache but the security is not tight.
I read about openldap and I need to know how I can use openldap with my box to authenticate remote users when about to view my box.
Can anyone please help me with this?
If you have multiple servers and require a central sign-on method across all server, then LDAP makes your life a lot easier. You only have one repository of user accounts (and passwords) that all configured servers authenticate against. You can store other details within the LDAP (Microsoft's Active Directory is an example of LDAP and what it can store).
As such, LDAP itself doesn't really provide any more security than a system which is configured for local user accounts - it's main benefit is in reducing the amount of time required to administer multiple servers.
You configure your server to authenticate with LDAP first, but your system still needs to authenticate locally in case network issues cause connection problems with your LDAP server.
Without knowing what O/S your server is running, it a little hard to provide more detail. And LDAP installation and configuration, whilst not too difficult, is still not a quick and simple task. There are plently of tuturials on the web - there's sure to be one for your specific system.
Hope this helps a little..