So, I have a bunch of services behind Authelia, utilizing LDAP hosted on my NAS. I log in once and it carries through my other services that are secured by Authelia, which is great.

However, since my wife rarely visits these services - mostly when I send her links - she has to log in basically every time. I’ve contemplated putting our laptops on a network login backed by the same LDAP, though I haven’t started researching how to do that yet. If I do, though, is there a way to have the laptop login integrate with Authelia or another solution to prevent login prompts?

I know I could do it with Windows and AD, but we’re both on Linux, so that complicates things a bit.

  • ninjan@lemmy.mildgrim.com
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    1 year ago

    You can do AD on Linux as well and have the account on her laptop be in active directory and passed along at login. I guess this can be done with other tech as well but I haven’t explored that.

    You could also move to a password less approach, say only authenticator on the phone via push notification or if there’s some way to have the hardware ID be used as authentication in a password less scheme.

    Edit:

    A yubikey might do the trick? Then as long as that is in the laptop she won’t need to supply a password.

  • StefanT@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    You could have a look at Kerberos. That’s what Microsoft took as base for AD afaik.