𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍

       🅸 🅰🅼 🆃🅷🅴 🅻🅰🆆. 
 𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍 𝖋𝖊𝖆𝖙𝖍𝖊𝖗𝖘𝖙𝖔𝖓𝖊𝖍𝖆𝖚𝖌𝖍 

Ceterum Lemmi necessitates reactiones

  • 1 Post
  • 42 Comments
Joined 3 years ago
cake
Cake day: August 26th, 2022

help-circle
  • B2 warns you, in advance, if your payment mechanism is expiring. And then, they don’t immediately delete your account or data if you’re late.

    If you find out they accept advance payment, let me know; and I’ll do the same. Based on their charge model, you won’t be able to pay for X months, but I’d like to, say, have an account balance they will draw on if my payments fail.

    I’m in particular considering the case of my untimely death. I have instructions for my family to get at all the backups, just in case, but if I die dealing with that is going to be really low on their list of priorities. I’d like to know that, 6 months after my CC stops working, my family will still be able to access my backups if they need to.

    I double back-up onto SSD, but still.






  • This is where I get stuck. I’ve worked with OAuth before, and it is very web-centric. Maybe it’s possible to work around http connections, but everything I’ve read makes it clear that it was designed with web applications - and browsers - as the foundational concept.

    For example, I have a memory of trying to get two servers - neither of which had anything to do with the web - to authenticate, and to use OAuth I remember having to import an http library.

    It’s been an age, so I may not be remembering it correctly; but IIRC the OAuth flow is designed around web protocols.


  • Don’t you threaten me with Kerberos. I used to have to deal with that crap decades ago; I disliked it then, and unless it’s gotten dramatically easier to work with, it’s not an option for me now.

    I hadn’t heard specifically about samba4ad, but Kerberos on LDAP (and, originally, I think, on OLAP) I’m familiar with.

    I like LDAP in concept, but after using OpenLDAP for a few years when my network evolved OpenLDAP evolved out of it. It may have been secure, but a more horribly, difficult to debug piece if software, I’ve rarely met. LLDAP has changed all that, and allowed me to start using LDAP again; it may be less capable, but OpenLDAP was overkill for home gamers. LLDAP is juuuust right.

    Accidentally enabling SSO sounds like a big fish tale. SSO of usually a PITA to configure and set up. Even commercial software offerings are byzantine.







  • Yeah, that sounds ideal. I’d prefer editing a file than administering through a web page.

    I’m checking Authelia right now.

    SSO is part, but not all, of the picture. There’s also multi-system passwords, for things like sudo, and non-web service authentication; most of the stuff like OAUTH is really hacky to make work outside of web environments.

    I’ve considered Vault for some of the inter-service authentication, but there’s not broad support built into services and it’s yet another thing to mess with.

    LDAP forms a good base for most use cases, and so keeping it as the source of truth is important for me. And then, as few other layers on top to get SSO. Authelia is looking like the best solution.