From: erik quanstrom <quanstro@quanstro.net>
To: 9fans@9fans.net
Subject: Re: [9fans] Remote auth server
Date: Mon, 24 Mar 2014 10:09:34 -0400 [thread overview]
Message-ID: <367fe014777c643663f1c18bcbc3659a@brasstown.quanstro.net> (raw)
In-Reply-To: <CAOotBeL=pVM9nGiae3aOHe_F9WnB-_kUaj3JdVJmPuk_HF4faw@mail.gmail.com>
> But is it actually possible to have the auth server and terminal not
> on the same LAN? Every configuration example I've seen has all the
> resources on the same IP address block.
yes. i used to run a single authentication server for 2 sites.
you'll need to make sure the auth server is announcing the
right services on the right ports. assuming that you're using
net.alt (adjust to /net if not)
aux/listen -q -t /rc/bin/service.auth -d /rc/bin/service.ext /net.alt/tcp
you'll need tcp567 in that directory. if you have !tcp567 in that
directory, you can simply rename it.
additionally, it helps to have the following entries in your ndb
files. here's
authdom=myauthdom auth=myauthserver
if you're using dhcp, it helps to have an entry that looks
like the following. this will allow cs (through !ipinfo see
ndbipinfo in ndb(2)) to associate the correct auth server
with every machine on this subnet. (unless overridden in
a specific entry.)
this is an example from 9atom.org
ipnet=labs.9atom.org ip=10.220.0.0 ipmask=/112
fs=land.9atom.org
gw=gw.9atom.org
auth=atta.9atom.org
dns=10.220.1.10
dnsdomain=9atom.org
ipgw=10.220.10.1
- erik
next prev parent reply other threads:[~2014-03-24 14:09 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-24 13:35 Paul A. Anokhin
2014-03-24 13:53 ` Ingo Krabbe
2014-03-24 14:11 ` cinap_lenrek
2014-03-24 14:16 ` erik quanstrom
2014-03-24 14:09 ` erik quanstrom [this message]
2014-03-24 15:41 ` Paul A. Anokhin
2014-03-24 16:34 ` erik quanstrom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=367fe014777c643663f1c18bcbc3659a@brasstown.quanstro.net \
--to=quanstro@quanstro.net \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).