FreeIPA
easy-rsa
Our great sponsors
FreeIPA | easy-rsa | |
---|---|---|
13 | 26 | |
920 | 3,881 | |
1.5% | 1.2% | |
9.4 | 9.4 | |
4 days ago | 5 days ago | |
Python | Shell | |
GNU General Public License v3.0 only | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
FreeIPA
- Non-interactive SSH password authentication
-
LDAP resources/recommendations question
I also want to try FreeIPA but as it's built on top of 389ds I'm afraid that it's gonna be as big of a memory hog (will try it later anyways) and has many things I don't and won't need, which I'm afraid would add complexity to setup.
-
My collection of Ansible roles for self-hosting everything with Rocky Linux and FreeIPA
FreeIPA server and replicas
-
how to handle authentication?
A good place to start might be FreeIPA.
-
FreeIPA client on Debian 11
FreeIPA1 is not written in PHP. I believe you are confusing it with another project, maybe FreePBX which is written in PHP?
-
Raspberry Pi 4 2GB on Fedora
I had Fedora 34 installed to an SD card for a FreeIPA node which worked well. It was most likely an earlier release (32 or 33) running on a Pi 3B which would occasionally run out of memory, so the whole thing got transplanted to a Pi 4 with 4GB. I'm pretty sure I used the disk image to install since I like to start from a minimal image and only install what I need.
-
help with administering a large number of linux systems via ssh
Take a look at FreeIPA
- Active directory alternative linux ?
-
rant: Linux authentication is a freaking dog's breakfast
https://www.freeipa.org/page/Main_Page and https://github.com/freeipa/freeipa/tree/master/doc/workshop
- Does Linux server have anything similiar to Windows AD DS?
easy-rsa
-
Running one’s own root Certificate Authority in 2023
Easy-rsa to the rescue. Been using it for a while, works great and makes life easier :)
Link: https://github.com/OpenVPN/easy-rsa
Summary from that page:
easy-rsa is a CLI utility to build and manage a PKI CA. In laymen's terms, this means to create a root certificate authority, and request and sign certificates, including intermediate CAs and certificate revocation lists (CRL).
-
How to invalidate the usage of a OpenVpn client without revoke it in the CA Server?
No, OpenVPN relies on the CA trust model. Anyone signed by the CA has access, unless they have been revoked (CRL): https://github.com/OpenVPN/easy-rsa/blob/master/doc/EasyRSA-Renew-and-Revoke.md
-
Best OpenVPN web UI for a small business
Then make do with the CLI. There might be some tooling to help you, e.g. https://github.com/OpenVPN/easy-rsa
-
AMA/Brown Bag: OpenVPN / EasyRSA
Hey folks. I'm one of the authors for Mastering OpenVPN, the author of Troubleshooting OpenVPN, and the maintainer of EasyRSA. In light of Apollo and other 3rd party apps going dark on the 30th, I figured I'd "turn in my notice" on Reddit and do the normal sysadmin data dump/brown bag before I'm gone. I've really enjoyed this group and hope things get sorted in the long run.
-
PFSense Tutorial - Self signing of SSL/TLS Certificate (cause not all have the money to buy one) - https://youtu.be/aj5FUFMn9f0
Correct. That applies to OpenVPN. There's a tool that OpenRSA maintains that help with creating those certificates, EasyRSA: https://github.com/OpenVPN/easy-rsa
-
Invalid Security Certificate Warnings are ANNOYING
Regarding the keys, csr and certificates it's pretty easy to manage them with easy-rsa (https://github.com/OpenVPN/easy-rsa)
-
How to import server or client certificate on AWS Certificate Manager (ACM)
$ git clone https://github.com/OpenVPN/easy-rsa.git
-
How to manage lots of self-signed certificates
Depending on your use case, either https://github.com/FiloSottile/mkcert or https://github.com/OpenVPN/easy-rsa
-
Totally local web server on HTTPS.
If you can add CAs to the hosts that will access this server, you can be your own certificate authority. mkcert is good, as mentioned elsewhere, or you can go all out: https://github.com/OpenVPN/easy-rsa
- Private CA management
What are some alternatives?
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
OpenSSL - TLS/SSL and crypto library
FreeRADIUS - FreeRADIUS - A multi-protocol policy server.
cfssl - CFSSL: Cloudflare's PKI and TLS toolkit
Samba - https://gitlab.com/samba-team/samba is the Official GitLab mirror of https://git.samba.org/samba.git -- Merge requests should be made on GitLab (not on GitHub)
LetsEncrypt-PRTG - Post request script to install an SSL certificate obtained with Certify the Web or win-acme in PRTG.
daloRADIUS - daloRADIUS is an advanced RADIUS web management application for managing hotspots and general-purpose ISP deployments. It features user management, graphical reporting, accounting, a billing engine, and integrates with OpenStreetMap for geolocation. The system is based on FreeRADIUS with which it shares access to the backend database.
BounCA - BounCA is a web tool to generate self-signed SSL certificates and setup a key infrastructure
LDAP Account Manager (LAM) - LDAP Account Manager
certify - Professional ACME Client for Windows. Certificate Management UI, powered by Let's Encrypt and compatible with all ACME v2 CAs. Download from certifytheweb.com
OpenID - OpenID Certified™ OpenID Connect Relying Party implementation for Apache HTTP Server 2.x
certificates - 🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.