submitted 11 months ago* (last edited 11 months ago) by TheButtonJustSpins@infosec.pub to c/selfhosted@lemmy.world

3 comments fedilink hide all child comments

So, I have a bunch of services behind Authelia, utilizing LDAP hosted on my NAS. I log in once and it carries through my other services that are secured by Authelia, which is great.

However, since my wife rarely visits these services - mostly when I send her links - she has to log in basically every time. I've contemplated putting our laptops on a network login backed by the same LDAP, though I haven't started researching how to do that yet. If I do, though, is there a way to have the laptop login integrate with Authelia or another solution to prevent login prompts?

I know I could do it with Windows and AD, but we're both on Linux, so that complicates things a bit.

top 3 comments

sorted by: hot top controversial new old

[-] ninjan@lemmy.mildgrim.com 5 points 11 months ago* (last edited 11 months ago)

You can do AD on Linux as well and have the account on her laptop be in active directory and passed along at login. I guess this can be done with other tech as well but I haven't explored that.

You could also move to a password less approach, say only authenticator on the phone via push notification or if there's some way to have the hardware ID be used as authentication in a password less scheme.

Edit:

A yubikey might do the trick? Then as long as that is in the laptop she won't need to supply a password.

[-] StefanT@lemmy.world 3 points 11 months ago

You could have a look at Kerberos. That's what Microsoft took as base for AD afaik.

[-] cooopsspace@infosec.pub 2 points 11 months ago

Authentik

this post was submitted on 21 Dec 2023

28 points (100.0% liked)

Selfhosted

40347 readers

202 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz