I am trying to find a solution for use with remote machines that will be
accessing a central user server. The remote machines will be Linux-based
terminal servers, and the central machine is BSDI (which has no NIS, as
far as I know).
The features I need are:
- remote machine will collect username and password, and must
verify it with the central user server (REQUIRED)
- a log must be kept of user login/logout and service(s) used
(terminal, SLIP, PPP, etc) for billing purposes. This would
be best kept on the central server, but keeping it on the
remote server would be acceptable (REQUIRED)
- some type of centralized access control would be good to
control things (based on user login) such as:
- user's assigned IP address
- restricted/allowed IP addresses (so I can prevent them
from going out to the Internet and keep them just within
- time-of-day login restrictions
- multiple logins under the same account or group of accounts
These are things that are available with systems such as Cisco's TACACS.
I've thought of creating an xtacacs client, which would work in
conjunction with the existing xtacacs server. However, before I start, I
wanted to find out if there is an existing system out there that might be
able to fill these functions.
Any help or pointers are *greatly* appreciated.