28
Integrated Login? (infosec.pub)
submitted 9 months ago* (last edited 9 months ago) by TheButtonJustSpins@infosec.pub to c/selfhosted@lemmy.world
3 comments fedilink hide all child comments

So, I have a bunch of services behind Authelia, utilizing LDAP hosted on my NAS. I log in once and it carries through my other services that are secured by Authelia, which is great.

However, since my wife rarely visits these services - mostly when I send her links - she has to log in basically every time. I've contemplated putting our laptops on a network login backed by the same LDAP, though I haven't started researching how to do that yet. If I do, though, is there a way to have the laptop login integrate with Authelia or another solution to prevent login prompts?

I know I could do it with Windows and AD, but we're both on Linux, so that complicates things a bit.

top 3 comments
sorted by: hot top controversial new old
[-] ninjan@lemmy.mildgrim.com 5 points 9 months ago* (last edited 9 months ago)

You can do AD on Linux as well and have the account on her laptop be in active directory and passed along at login. I guess this can be done with other tech as well but I haven't explored that.

You could also move to a password less approach, say only authenticator on the phone via push notification or if there's some way to have the hardware ID be used as authentication in a password less scheme.

Edit:

A yubikey might do the trick? Then as long as that is in the laptop she won't need to supply a password.

[-] StefanT@lemmy.world 3 points 9 months ago

You could have a look at Kerberos. That's what Microsoft took as base for AD afaik.

[-] cooopsspace@infosec.pub 2 points 8 months ago

Authentik

this post was submitted on 21 Dec 2023
28 points (100.0% liked)

Selfhosted

39203 readers
281 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz