Hey guys,
I’m a Debian guy and want to run the software with the latest Debian 8. The
documentation tells me to use the Ubuntu packages, but I’m a bit afraid it
this is a long term solution?
Also the packages are only available fot Ubuntu LTS 14.4, not the 16.4.
So what is the best way for a mission critical use with some LTS type? Use
of PiP? Use old LTS? Use Debian 7 and wait for a stable Debian 8 package?
I don’t like CentOS, so this is not a real alternative for me.
Thanks!
Michael
Forget it, found the function in the user table UI, works perfectly, also
with the freeradius plugin.
Now it’s time for the CA. :)2016-06-06 13:37 GMT+02:00 Michael Muenz <@Michael_Muenz>:
Thanks, really appreciate your help!
I’ll set up a local CA, shouldn’t be an issue.I there also a link to check the token vadility via curl?
Am Montag, 6. Juni 2016 13:19:21 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,
in case of CA take a look here:
5.4. CA Connectors — privacyIDEA 3.8 documentation
privacyIDEA comes with a basic local CA connector, which is calling a
local openssl configuration. The CA connector concept is the idea of
allowing different kind of CA. If someone wants to dive into RPC you
could also connect to a microsoft CA.The CA functionality for local CA was improved in the latest version,
but still - as the trust of the CA does not come from privacyIDEA itself
but from the underlying CA - you need to do some setup in openssl.Kind regards
CorneliusAm Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz:
Sadly … yes
Ok, I’ve installed the Trusty packages with Jessie so collect some
ideas of how all things work.Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the
WebCA :))Michael
Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team?Of course you will not run it with py-mange the same way you will not run linotp with the crappy old paster! You will not need an init script, since it runs as a web service. Read2.7. The WSGI Script — privacyIDEA 3.8 documentation
and here you will see the real killer feature, i.e. you can run several independent instances of privacyIDEA on one machine! Kind regards Cornelius Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz: > I checked the PIP stuff, but is this really usable for productive > usage? > This seems to me like a virtual testing environment. > > > Is there a init.script or will I have to start it always via > py-manage? > > > When I think about a support team and teach it how stuff works, they > will kill me when they see a new thing like this :) > > > > > Michael > > Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel: > Hi Michael, > > I think there are also some other interesting things, besides > the > mordern UI and the redesigned REST API like > > * assign tokens to machines > * offline OTP > * radius migration > * event handler > to name a few... > > Nevertheless, I am curious for your feedback. > > Kind regards > Cornelius > > Am Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz: > > Cornelius, > > > > > > Thanks for your fast reply! Until now I'm very familiar with > LinOTP > > and it works pretty good with Debian 8, but your new feature > to manage > > certificates could be a killer (for LinOTP). > > I'll have a look at PIP and try to migrate some accounts for > testing. > > > > > > Keep up with the good work! > > > > > > Michael > > > > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote: > > Hello Michael, > > > > I would recommend using pip with a virtual > environment. > > Honestly I am also thinking about switching packages > to > > virtual > > environments. PIP installations are also supported > by the > > enterprise > > SLAs. So you can be sure, that this is no dead end. > > > > The 14.04 packages have dependencies to python > modules. The > > privacyidea > > modules reside in the systems module path. > > Dependent modules are also taken from the system. > Which is > > sometimes > > difficult, due to version differences! > > And with 16.04 there is also a naming conflict in > dependent > > modules. > > > > So I am in fact thinking about having the packages > > (deb-packages) > > containing self contained python virtual envs. > > The debian package and the RPM packages already work > this > > way... > > > > So when updating your system with apt-get the pip > installed > > self > > contained privacyidea virtualenv will also be > updated. > > > > Kind regards > > Cornelius > > > > > > Am Montag, den 06.06.2016, 00:43 -0700 schrieb > Michael Muenz: > > > Hey guys, > > > > > > > > > I'm a Debian guy and want to run the software with > the > > latest Debian > > > 8. The documentation tells me to use the Ubuntu > packages, > > but I'm a > > > bit afraid it this is a long term solution? > > > Also the packages are only available fot Ubuntu > LTS 14.4, > > not the > > > 16.4. > > > > > > > > > So what is the best way for a mission critical use > with some > > LTS type? > > > Use of PiP? Use old LTS? Use Debian 7 and wait for > a stable > > Debian 8 > > > package? > > > I don't like CentOS, so this is not a real > alternative for > > me. > > > > > > > > > Thanks! > > > Michael > > > -- > > > Please read the blog post about getting help > > > https://www.privacyidea.org/getting-help/. > > > > > > For professional services and consultancy > regarding two > > factor > > > authentication please visit > > > > https://netknights.it/en/leistungen/one-time-services/ > > > > > > In an enterprise environment you should get a > SERVICE LEVEL > > AGREEMENT > > > which suites your needs for SECURITY, AVAILABILITY > and > > LIABILITY: > > > > > > https://netknights.it/en/leistungen/service-level-agreements/ > > > --- > > > You received this message because you are > subscribed to the > > Google > > > Groups "privacyidea" group. > > > To unsubscribe from this group and stop receiving > emails > > from it, send > > > an email to privacyidea...@googlegroups.com. > > > To post to this group, send email to > > priva...@googlegroups.com. > > > Visit this group at > > https://groups.google.com/group/privacyidea. > > > To view this discussion on the web visit > > > > > >> > > For more options, visit > https://groups.google.com/d/optout. > > > > -- > > Cornelius Kölbel > > corneliu...@netknights.it > > +49 151 2960 1417 > > > > NetKnights GmbH > > http://www.netknights.it > > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > > Tel: +49 561 3166797, Fax: +49 561 3166798 > > > > Amtsgericht Kassel, HRB 16405 > > Geschäftsführer: Cornelius Kölbel > > > > > > -- > > Please read the blog post about getting help > > https://www.privacyidea.org/getting-help/. > > > > For professional services and consultancy regarding two > factor > > authentication please visit > > https://netknights.it/en/leistungen/one-time-services/ > > > > In an enterprise environment you should get a SERVICE LEVEL > AGREEMENT > > which suites your needs for SECURITY, AVAILABILITY and > LIABILITY: > > > https://netknights.it/en/leistungen/service-level-agreements/ > > --- > > You received this message because you are subscribed to the > Google > > Groups "privacyidea" group. > > To unsubscribe from this group and stop receiving emails > from it, send > > an email to privacyidea...@googlegroups.com. > > To post to this group, send email to > priva...@googlegroups.com. > > Visit this group at > https://groups.google.com/group/privacyidea. > > To view this discussion on the web visit > > >> > For more options, visit https://groups.google.com/d/optout. > > -- > Cornelius Kölbel > corneliu...@netknights.it > +49 151 2960 1417 > > NetKnights GmbH > http://www.netknights.it > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > Tel: +49 561 3166797, Fax: +49 561 3166798 > > Amtsgericht Kassel, HRB 16405 > Geschäftsführer: Cornelius Kölbel > > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit >> For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visitFor more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it
+49 151 2960 1417NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to a topic in the
Google Groups “privacyidea” group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/privacyidea/f9ueFECvKG8/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/a221fe35-2575-4a6c-b30e-9548e8994822%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/a221fe35-2575-4a6c-b30e-9548e8994822%40googlegroups.com?utm_medium=email&utm_source=footer
.For more options, visit https://groups.google.com/d/optout.
Hi Michael,
I think there are also some other interesting things, besides the
mordern UI and the redesigned REST API like
Nevertheless, I am curious for your feedback.
Kind regards
CorneliusAm Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz:
Cornelius,
Thanks for your fast reply! Until now I’m very familiar with LinOTP
and it works pretty good with Debian 8, but your new feature to manage
certificates could be a killer (for LinOTP).
I’ll have a look at PIP and try to migrate some accounts for testing.Keep up with the good work!
Michael
On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:
Hello Michael,I would recommend using pip with a virtual environment. Honestly I am also thinking about switching packages to virtual environments. PIP installations are also supported by the enterprise SLAs. So you can be sure, that this is no dead end. The 14.04 packages have dependencies to python modules. The privacyidea modules reside in the systems module path. Dependent modules are also taken from the system. Which is sometimes difficult, due to version differences! And with 16.04 there is also a naming conflict in dependent modules. So I am in fact thinking about having the packages (deb-packages) containing self contained python virtual envs. The debian package and the RPM packages already work this way... So when updating your system with apt-get the pip installed self contained privacyidea virtualenv will also be updated. Kind regards Cornelius Am Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz: > Hey guys, > > > I'm a Debian guy and want to run the software with the latest Debian > 8. The documentation tells me to use the Ubuntu packages, but I'm a > bit afraid it this is a long term solution? > Also the packages are only available fot Ubuntu LTS 14.4, not the > 16.4. > > > So what is the best way for a mission critical use with some LTS type? > Use of PiP? Use old LTS? Use Debian 7 and wait for a stable Debian 8 > package? > I don't like CentOS, so this is not a real alternative for me. > > > Thanks! > Michael > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit > https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Hi Michael,
in case of CA take a look here:
http://privacyidea.readthedocs.io/en/latest/configuration/caconnectors.html
privacyIDEA comes with a basic local CA connector, which is calling a
local openssl configuration. The CA connector concept is the idea of
allowing different kind of CA. If someone wants to dive into RPC you
could also connect to a microsoft CA.
The CA functionality for local CA was improved in the latest version,
but still - as the trust of the CA does not come from privacyIDEA itself
but from the underlying CA - you need to do some setup in openssl.
Kind regards
CorneliusAm Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz:
Sadly … yes
Ok, I’ve installed the Trusty packages with Jessie so collect some
ideas of how all things work.Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the
WebCA :))Michael
Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team?Of course you will not run it with py-mange the same way you will not run linotp with the crappy old paster! You will not need an init script, since it runs as a web service. Read http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html and here you will see the real killer feature, i.e. you can run several independent instances of privacyIDEA on one machine! Kind regards Cornelius Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz: > I checked the PIP stuff, but is this really usable for productive > usage? > This seems to me like a virtual testing environment. > > > Is there a init.script or will I have to start it always via > py-manage? > > > When I think about a support team and teach it how stuff works, they > will kill me when they see a new thing like this :) > > > > > Michael > > Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel: > Hi Michael, > > I think there are also some other interesting things, besides > the > mordern UI and the redesigned REST API like > > * assign tokens to machines > * offline OTP > * radius migration > * event handler > to name a few... > > Nevertheless, I am curious for your feedback. > > Kind regards > Cornelius > > Am Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz: > > Cornelius, > > > > > > Thanks for your fast reply! Until now I'm very familiar with > LinOTP > > and it works pretty good with Debian 8, but your new feature > to manage > > certificates could be a killer (for LinOTP). > > I'll have a look at PIP and try to migrate some accounts for > testing. > > > > > > Keep up with the good work! > > > > > > Michael > > > > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote: > > Hello Michael, > > > > I would recommend using pip with a virtual > environment. > > Honestly I am also thinking about switching packages > to > > virtual > > environments. PIP installations are also supported > by the > > enterprise > > SLAs. So you can be sure, that this is no dead end. > > > > The 14.04 packages have dependencies to python > modules. The > > privacyidea > > modules reside in the systems module path. > > Dependent modules are also taken from the system. > Which is > > sometimes > > difficult, due to version differences! > > And with 16.04 there is also a naming conflict in > dependent > > modules. > > > > So I am in fact thinking about having the packages > > (deb-packages) > > containing self contained python virtual envs. > > The debian package and the RPM packages already work > this > > way... > > > > So when updating your system with apt-get the pip > installed > > self > > contained privacyidea virtualenv will also be > updated. > > > > Kind regards > > Cornelius > > > > > > Am Montag, den 06.06.2016, 00:43 -0700 schrieb > Michael Muenz: > > > Hey guys, > > > > > > > > > I'm a Debian guy and want to run the software with > the > > latest Debian > > > 8. The documentation tells me to use the Ubuntu > packages, > > but I'm a > > > bit afraid it this is a long term solution? > > > Also the packages are only available fot Ubuntu > LTS 14.4, > > not the > > > 16.4. > > > > > > > > > So what is the best way for a mission critical use > with some > > LTS type? > > > Use of PiP? Use old LTS? Use Debian 7 and wait for > a stable > > Debian 8 > > > package? > > > I don't like CentOS, so this is not a real > alternative for > > me. > > > > > > > > > Thanks! > > > Michael > > > -- > > > Please read the blog post about getting help > > > https://www.privacyidea.org/getting-help/. > > > > > > For professional services and consultancy > regarding two > > factor > > > authentication please visit > > > > https://netknights.it/en/leistungen/one-time-services/ > > > > > > In an enterprise environment you should get a > SERVICE LEVEL > > AGREEMENT > > > which suites your needs for SECURITY, AVAILABILITY > and > > LIABILITY: > > > > > > https://netknights.it/en/leistungen/service-level-agreements/ > > > --- > > > You received this message because you are > subscribed to the > > Google > > > Groups "privacyidea" group. > > > To unsubscribe from this group and stop receiving > emails > > from it, send > > > an email to privacyidea...@googlegroups.com. > > > To post to this group, send email to > > priva...@googlegroups.com. > > > Visit this group at > > https://groups.google.com/group/privacyidea. > > > To view this discussion on the web visit > > > > > > https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com. > > > For more options, visit > https://groups.google.com/d/optout. > > > > -- > > Cornelius Kölbel > > corneliu...@netknights.it > > +49 151 2960 1417 > > > > NetKnights GmbH > > http://www.netknights.it > > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > > Tel: +49 561 3166797, Fax: +49 561 3166798 > > > > Amtsgericht Kassel, HRB 16405 > > Geschäftsführer: Cornelius Kölbel > > > > > > -- > > Please read the blog post about getting help > > https://www.privacyidea.org/getting-help/. > > > > For professional services and consultancy regarding two > factor > > authentication please visit > > https://netknights.it/en/leistungen/one-time-services/ > > > > In an enterprise environment you should get a SERVICE LEVEL > AGREEMENT > > which suites your needs for SECURITY, AVAILABILITY and > LIABILITY: > > > https://netknights.it/en/leistungen/service-level-agreements/ > > --- > > You received this message because you are subscribed to the > Google > > Groups "privacyidea" group. > > To unsubscribe from this group and stop receiving emails > from it, send > > an email to privacyidea...@googlegroups.com. > > To post to this group, send email to > priva...@googlegroups.com. > > Visit this group at > https://groups.google.com/group/privacyidea. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > -- > Cornelius Kölbel > corneliu...@netknights.it > +49 151 2960 1417 > > NetKnights GmbH > http://www.netknights.it > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > Tel: +49 561 3166797, Fax: +49 561 3166798 > > Amtsgericht Kassel, HRB 16405 > Geschäftsführer: Cornelius Kölbel > > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit > https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/fed4185c-58de-4da5-88f5-896511763722%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Hello Michael,
I would recommend using pip with a virtual environment.
Honestly I am also thinking about switching packages to virtual
environments. PIP installations are also supported by the enterprise
SLAs. So you can be sure, that this is no dead end.
The 14.04 packages have dependencies to python modules. The privacyidea
modules reside in the systems module path.
Dependent modules are also taken from the system. Which is sometimes
difficult, due to version differences!
And with 16.04 there is also a naming conflict in dependent modules.
So I am in fact thinking about having the packages (deb-packages)
containing self contained python virtual envs.
The debian package and the RPM packages already work this way…
So when updating your system with apt-get the pip installed self
contained privacyidea virtualenv will also be updated.
Kind regards
CorneliusAm Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz:
Hey guys,
I’m a Debian guy and want to run the software with the latest Debian
8. The documentation tells me to use the Ubuntu packages, but I’m a
bit afraid it this is a long term solution?
Also the packages are only available fot Ubuntu LTS 14.4, not the
16.4.So what is the best way for a mission critical use with some LTS type?
Use of PiP? Use old LTS? Use Debian 7 and wait for a stable Debian 8
package?
I don’t like CentOS, so this is not a real alternative for me.Thanks!
MichaelPlease read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Full code documentation
http://privacyidea.readthedocs.io/en/latest/modules/index.html
And REST validate API
http://privacyidea.readthedocs.io/en/latest/modules/api/validate.htmlAm Montag, den 06.06.2016, 04:37 -0700 schrieb Michael Muenz:
Thanks, really appreciate your help!
I’ll set up a local CA, shouldn’t be an issue.I there also a link to check the token vadility via curl?
Am Montag, 6. Juni 2016 13:19:21 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,in case of CA take a look here: http://privacyidea.readthedocs.io/en/latest/configuration/caconnectors.html privacyIDEA comes with a basic local CA connector, which is calling a local openssl configuration. The CA connector concept is the idea of allowing different kind of CA. If someone wants to dive into RPC you could also connect to a microsoft CA. The CA functionality for local CA was improved in the latest version, but still - as the trust of the CA does not come from privacyIDEA itself but from the underlying CA - you need to do some setup in openssl. Kind regards Cornelius Am Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz: > Sadly ... yes :) > > > Ok, I've installed the Trusty packages with Jessie so collect some > ideas of how all things work. > > > Now I have a fresh setup and was able to import some users from ldap. > Will try to import some Safenet and Feitian tokens and test the > WebCA :)) > > > Michael > > Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel: > Do you have such a poor standing at the support team? ;-) > > Of course you will not run it with py-mange the same way you > will not > run linotp with the crappy old paster! > > You will not need an init script, since it runs as a web > service. > > Read > http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html > and here you will see the real killer feature, i.e. > you can run several independent instances of privacyIDEA on > one machine! > > Kind regards > Cornelius > > > Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz: > > I checked the PIP stuff, but is this really usable for > productive > > usage? > > This seems to me like a virtual testing environment. > > > > > > Is there a init.script or will I have to start it always > via > > py-manage? > > > > > > When I think about a support team and teach it how stuff > works, they > > will kill me when they see a new thing like this :) > > > > > > > > > > Michael > > > > Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius > Kölbel: > > Hi Michael, > > > > I think there are also some other interesting > things, besides > > the > > mordern UI and the redesigned REST API like > > > > * assign tokens to machines > > * offline OTP > > * radius migration > > * event handler > > to name a few... > > > > Nevertheless, I am curious for your feedback. > > > > Kind regards > > Cornelius > > > > Am Montag, den 06.06.2016, 01:20 -0700 schrieb > Michael Muenz: > > > Cornelius, > > > > > > > > > Thanks for your fast reply! Until now I'm very > familiar with > > LinOTP > > > and it works pretty good with Debian 8, but your > new feature > > to manage > > > certificates could be a killer (for LinOTP). > > > I'll have a look at PIP and try to migrate some > accounts for > > testing. > > > > > > > > > Keep up with the good work! > > > > > > > > > Michael > > > > > > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote: > > > Hello Michael, > > > > > > I would recommend using pip with a > virtual > > environment. > > > Honestly I am also thinking about > switching packages > > to > > > virtual > > > environments. PIP installations are also > supported > > by the > > > enterprise > > > SLAs. So you can be sure, that this is no > dead end. > > > > > > The 14.04 packages have dependencies to > python > > modules. The > > > privacyidea > > > modules reside in the systems module > path. > > > Dependent modules are also taken from the > system. > > Which is > > > sometimes > > > difficult, due to version differences! > > > And with 16.04 there is also a naming > conflict in > > dependent > > > modules. > > > > > > So I am in fact thinking about having the > packages > > > (deb-packages) > > > containing self contained python virtual > envs. > > > The debian package and the RPM packages > already work > > this > > > way... > > > > > > So when updating your system with apt-get > the pip > > installed > > > self > > > contained privacyidea virtualenv will also > be > > updated. > > > > > > Kind regards > > > Cornelius > > > > > > > > > Am Montag, den 06.06.2016, 00:43 0700 schrieb > > Michael Muenz: > > > > Hey guys, > > > > > > > > > > > > I'm a Debian guy and want to run the > software with > > the > > > latest Debian > > > > 8. The documentation tells me to use the > Ubuntu > > packages, > > > but I'm a > > > > bit afraid it this is a long term > solution? > > > > Also the packages are only available fot > Ubuntu > > LTS 14.4, > > > not the > > > > 16.4. > > > > > > > > > > > > So what is the best way for a mission > critical use > > with some > > > LTS type? > > > > Use of PiP? Use old LTS? Use Debian 7 > and wait for > > a stable > > > Debian 8 > > > > package? > > > > I don't like CentOS, so this is not a > real > > alternative for > > > me. > > > > > > > > > > > > Thanks! > > > > Michael > > > > -- > > > > Please read the blog post about getting > help > > > > > https://www.privacyidea.org/getting-help/. > > > > > > > > For professional services and > consultancy > > regarding two > > > factor > > > > authentication please visit > > > > > > > https://netknights.it/en/leistungen/one-time-services/ > > > > > > > > In an enterprise environment you should > get a > > SERVICE LEVEL > > > AGREEMENT > > > > which suites your needs for SECURITY, > AVAILABILITY > > and > > > LIABILITY: > > > > > > > > > > https://netknights.it/en/leistungen/service-level-agreements/ > > > > --- > > > > You received this message because you > are > > subscribed to the > > > Google > > > > Groups "privacyidea" group. > > > > To unsubscribe from this group and stop > receiving > > emails > > > from it, send > > > > an email to > privacyidea...@googlegroups.com. > > > > To post to this group, send email to > > > priva...@googlegroups.com. > > > > Visit this group at > > > > https://groups.google.com/group/privacyidea. > > > > To view this discussion on the web > visit > > > > > > > > > > https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com. > > > > For more options, visit > > https://groups.google.com/d/optout. > > > > > > -- > > > Cornelius Kölbel > > > corneliu...@netknights.it > > > +49 151 2960 1417 > > > > > > NetKnights GmbH > > > http://www.netknights.it > > > Landgraf-Karl-Str. 19, 34131 Kassel, > Germany > > > Tel: +49 561 3166797, Fax: +49 561 > 3166798 > > > > > > Amtsgericht Kassel, HRB 16405 > > > Geschäftsführer: Cornelius Kölbel > > > > > > > > > -- > > > Please read the blog post about getting help > > > https://www.privacyidea.org/getting-help/. > > > > > > For professional services and consultancy > regarding two > > factor > > > authentication please visit > > > > https://netknights.it/en/leistungen/one-time-services/ > > > > > > In an enterprise environment you should get a > SERVICE LEVEL > > AGREEMENT > > > which suites your needs for SECURITY, AVAILABILITY > and > > LIABILITY: > > > > > > https://netknights.it/en/leistungen/service-level-agreements/ > > > --- > > > You received this message because you are > subscribed to the > > Google > > > Groups "privacyidea" group. > > > To unsubscribe from this group and stop receiving > emails > > from it, send > > > an email to privacyidea...@googlegroups.com. > > > To post to this group, send email to > > priva...@googlegroups.com. > > > Visit this group at > > https://groups.google.com/group/privacyidea. > > > To view this discussion on the web visit > > > > > > https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com. > > > For more options, visit > https://groups.google.com/d/optout. > > > > -- > > Cornelius Kölbel > > corneliu...@netknights.it > > +49 151 2960 1417 > > > > NetKnights GmbH > > http://www.netknights.it > > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > > Tel: +49 561 3166797, Fax: +49 561 3166798 > > > > Amtsgericht Kassel, HRB 16405 > > Geschäftsführer: Cornelius Kölbel > > > > > > -- > > Please read the blog post about getting help > > https://www.privacyidea.org/getting-help/. > > > > For professional services and consultancy regarding two > factor > > authentication please visit > > https://netknights.it/en/leistungen/one-time-services/ > > > > In an enterprise environment you should get a SERVICE LEVEL > AGREEMENT > > which suites your needs for SECURITY, AVAILABILITY and > LIABILITY: > > > https://netknights.it/en/leistungen/service-level-agreements/ > > --- > > You received this message because you are subscribed to the > Google > > Groups "privacyidea" group. > > To unsubscribe from this group and stop receiving emails > from it, send > > an email to privacyidea...@googlegroups.com. > > To post to this group, send email to > priva...@googlegroups.com. > > Visit this group at > https://groups.google.com/group/privacyidea. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > -- > Cornelius Kölbel > corneliu...@netknights.it > +49 151 2960 1417 > > NetKnights GmbH > http://www.netknights.it > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > Tel: +49 561 3166797, Fax: +49 561 3166798 > > Amtsgericht Kassel, HRB 16405 > Geschäftsführer: Cornelius Kölbel > > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit > https://groups.google.com/d/msgid/privacyidea/fed4185c-58de-4da5-88f5-896511763722%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/a221fe35-2575-4a6c-b30e-9548e8994822%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Thanks, really appreciate your help! 
I’ll set up a local CA, shouldn’t be an issue.
I there also a link to check the token vadility via curl?Am Montag, 6. Juni 2016 13:19:21 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,
in case of CA take a look here:
5.4. CA Connectors — privacyIDEA 3.8 documentationprivacyIDEA comes with a basic local CA connector, which is calling a
local openssl configuration. The CA connector concept is the idea of
allowing different kind of CA. If someone wants to dive into RPC you
could also connect to a microsoft CA.The CA functionality for local CA was improved in the latest version,
but still - as the trust of the CA does not come from privacyIDEA itself
but from the underlying CA - you need to do some setup in openssl.Kind regards
CorneliusAm Montag, den 06.06.2016, 03:45 -0700 schrieb Michael Muenz:
Sadly … yes
Ok, I’ve installed the Trusty packages with Jessie so collect some
ideas of how all things work.Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the
WebCA :))Michael
Am Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team?Of course you will not run it with py-mange the same way you will not run linotp with the crappy old paster! You will not need an init script, since it runs as a web service. Read2.7. The WSGI Script — privacyIDEA 3.8 documentation
and here you will see the real killer feature, i.e. you can run several independent instances of privacyIDEA on one machine! Kind regards Cornelius Am Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz: > I checked the PIP stuff, but is this really usable for productive > usage? > This seems to me like a virtual testing environment. > > > Is there a init.script or will I have to start it always via > py-manage? > > > When I think about a support team and teach it how stuff works, they > will kill me when they see a new thing like this :) > > > > > Michael > > Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel: > Hi Michael, > > I think there are also some other interesting things, besides > the > mordern UI and the redesigned REST API like > > * assign tokens to machines > * offline OTP > * radius migration > * event handler > to name a few... > > Nevertheless, I am curious for your feedback. > > Kind regards > Cornelius > > Am Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz: > > Cornelius, > > > > > > Thanks for your fast reply! Until now I'm very familiar with > LinOTP > > and it works pretty good with Debian 8, but your new feature > to manage > > certificates could be a killer (for LinOTP). > > I'll have a look at PIP and try to migrate some accounts for > testing. > > > > > > Keep up with the good work! > > > > > > Michael > > > > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote: > > Hello Michael, > > > > I would recommend using pip with a virtual > environment. > > Honestly I am also thinking about switching packages > to > > virtual > > environments. PIP installations are also supported > by the > > enterprise > > SLAs. So you can be sure, that this is no dead end. > > > > The 14.04 packages have dependencies to python > modules. The > > privacyidea > > modules reside in the systems module path. > > Dependent modules are also taken from the system. > Which is > > sometimes > > difficult, due to version differences! > > And with 16.04 there is also a naming conflict in > dependent > > modules. > > > > So I am in fact thinking about having the packages > > (deb-packages) > > containing self contained python virtual envs. > > The debian package and the RPM packages already work > this > > way... > > > > So when updating your system with apt-get the pip > installed > > self > > contained privacyidea virtualenv will also be > updated. > > > > Kind regards > > Cornelius > > > > > > Am Montag, den 06.06.2016, 00:43 -0700 schrieb > Michael Muenz: > > > Hey guys, > > > > > > > > > I'm a Debian guy and want to run the software with > the > > latest Debian > > > 8. The documentation tells me to use the Ubuntu > packages, > > but I'm a > > > bit afraid it this is a long term solution? > > > Also the packages are only available fot Ubuntu > LTS 14.4, > > not the > > > 16.4. > > > > > > > > > So what is the best way for a mission critical use > with some > > LTS type? > > > Use of PiP? Use old LTS? Use Debian 7 and wait for > a stable > > Debian 8 > > > package? > > > I don't like CentOS, so this is not a real > alternative for > > me. > > > > > > > > > Thanks! > > > Michael > > > -- > > > Please read the blog post about getting help > > > https://www.privacyidea.org/getting-help/. > > > > > > For professional services and consultancy > regarding two > > factor > > > authentication please visit > > > > https://netknights.it/en/leistungen/one-time-services/ > > > > > > In an enterprise environment you should get a > SERVICE LEVEL > > AGREEMENT > > > which suites your needs for SECURITY, AVAILABILITY > and > > LIABILITY: > > > > > > https://netknights.it/en/leistungen/service-level-agreements/ > > > --- > > > You received this message because you are > subscribed to the > > Google > > > Groups "privacyidea" group. > > > To unsubscribe from this group and stop receiving > emails > > from it, send > > > an email to privacyidea...@googlegroups.com. > > > To post to this group, send email to > > priva...@googlegroups.com. > > > Visit this group at > > https://groups.google.com/group/privacyidea. > > > To view this discussion on the web visit > > > > > >> > > For more options, visit > https://groups.google.com/d/optout. > > > > -- > > Cornelius Kölbel > > corneliu...@netknights.it > > +49 151 2960 1417 > > > > NetKnights GmbH > > http://www.netknights.it > > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > > Tel: +49 561 3166797, Fax: +49 561 3166798 > > > > Amtsgericht Kassel, HRB 16405 > > Geschäftsführer: Cornelius Kölbel > > > > > > -- > > Please read the blog post about getting help > > https://www.privacyidea.org/getting-help/. > > > > For professional services and consultancy regarding two > factor > > authentication please visit > > https://netknights.it/en/leistungen/one-time-services/ > > > > In an enterprise environment you should get a SERVICE LEVEL > AGREEMENT > > which suites your needs for SECURITY, AVAILABILITY and > LIABILITY: > > > https://netknights.it/en/leistungen/service-level-agreements/ > > --- > > You received this message because you are subscribed to the > Google > > Groups "privacyidea" group. > > To unsubscribe from this group and stop receiving emails > from it, send > > an email to privacyidea...@googlegroups.com. > > To post to this group, send email to > priva...@googlegroups.com. > > Visit this group at > https://groups.google.com/group/privacyidea. > > To view this discussion on the web visit > > >> > For more options, visit https://groups.google.com/d/optout. > > -- > Cornelius Kölbel > corneliu...@netknights.it > +49 151 2960 1417 > > NetKnights GmbH > http://www.netknights.it > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > Tel: +49 561 3166797, Fax: +49 561 3166798 > > Amtsgericht Kassel, HRB 16405 > Geschäftsführer: Cornelius Kölbel > > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit >> For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visitFor more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Do you have such a poor standing at the support team? 
Of course you will not run it with py-mange the same way you will not
run linotp with the crappy old paster!
You will not need an init script, since it runs as a web service.
Read
http://privacyidea.readthedocs.io/en/latest/installation/system/wsgiscript.html
and here you will see the real killer feature, i.e.
you can run several independent instances of privacyIDEA on one machine!
Kind regards
CorneliusAm Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz:
I checked the PIP stuff, but is this really usable for productive
usage?
This seems to me like a virtual testing environment.Is there a init.script or will I have to start it always via
py-manage?When I think about a support team and teach it how stuff works, they
will kill me when they see a new thing like thisMichael
Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,I think there are also some other interesting things, besides the mordern UI and the redesigned REST API like * assign tokens to machines * offline OTP * radius migration * event handler to name a few... Nevertheless, I am curious for your feedback. Kind regards Cornelius Am Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz: > Cornelius, > > > Thanks for your fast reply! Until now I'm very familiar with LinOTP > and it works pretty good with Debian 8, but your new feature to manage > certificates could be a killer (for LinOTP). > I'll have a look at PIP and try to migrate some accounts for testing. > > > Keep up with the good work! > > > Michael > > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote: > Hello Michael, > > I would recommend using pip with a virtual environment. > Honestly I am also thinking about switching packages to > virtual > environments. PIP installations are also supported by the > enterprise > SLAs. So you can be sure, that this is no dead end. > > The 14.04 packages have dependencies to python modules. The > privacyidea > modules reside in the systems module path. > Dependent modules are also taken from the system. Which is > sometimes > difficult, due to version differences! > And with 16.04 there is also a naming conflict in dependent > modules. > > So I am in fact thinking about having the packages > (deb-packages) > containing self contained python virtual envs. > The debian package and the RPM packages already work this > way... > > So when updating your system with apt-get the pip installed > self > contained privacyidea virtualenv will also be updated. > > Kind regards > Cornelius > > > Am Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz: > > Hey guys, > > > > > > I'm a Debian guy and want to run the software with the > latest Debian > > 8. The documentation tells me to use the Ubuntu packages, > but I'm a > > bit afraid it this is a long term solution? > > Also the packages are only available fot Ubuntu LTS 14.4, > not the > > 16.4. > > > > > > So what is the best way for a mission critical use with some > LTS type? > > Use of PiP? Use old LTS? Use Debian 7 and wait for a stable > Debian 8 > > package? > > I don't like CentOS, so this is not a real alternative for > me. > > > > > > Thanks! > > Michael > > -- > > Please read the blog post about getting help > > https://www.privacyidea.org/getting-help/. > > > > For professional services and consultancy regarding two > factor > > authentication please visit > > https://netknights.it/en/leistungen/one-time-services/ > > > > In an enterprise environment you should get a SERVICE LEVEL > AGREEMENT > > which suites your needs for SECURITY, AVAILABILITY and > LIABILITY: > > > https://netknights.it/en/leistungen/service-level-agreements/ > > --- > > You received this message because you are subscribed to the > Google > > Groups "privacyidea" group. > > To unsubscribe from this group and stop receiving emails > from it, send > > an email to privacyidea...@googlegroups.com. > > To post to this group, send email to > priva...@googlegroups.com. > > Visit this group at > https://groups.google.com/group/privacyidea. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/privacyidea/77685887-ce6c-4003-820f-a8b4679e6cf5%40googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > -- > Cornelius Kölbel > corneliu...@netknights.it > +49 151 2960 1417 > > NetKnights GmbH > http://www.netknights.it > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > Tel: +49 561 3166797, Fax: +49 561 3166798 > > Amtsgericht Kassel, HRB 16405 > Geschäftsführer: Cornelius Kölbel > > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit > https://groups.google.com/d/msgid/privacyidea/456dda03-aac7-4d04-9b72-1d69cfeed0f2%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/dbbdfdaf-6afe-4b8a-b4e2-27aa8f6734d1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Cornelius,
Thanks for your fast reply! Until now I’m very familiar with LinOTP and it
works pretty good with Debian 8, but your new feature to manage
certificates could be a killer (for LinOTP).
I’ll have a look at PIP and try to migrate some accounts for testing.
Keep up with the good work!
MichaelOn Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:
Hello Michael,
I would recommend using pip with a virtual environment.
Honestly I am also thinking about switching packages to virtual
environments. PIP installations are also supported by the enterprise
SLAs. So you can be sure, that this is no dead end.The 14.04 packages have dependencies to python modules. The privacyidea
modules reside in the systems module path.
Dependent modules are also taken from the system. Which is sometimes
difficult, due to version differences!
And with 16.04 there is also a naming conflict in dependent modules.So I am in fact thinking about having the packages (deb-packages)
containing self contained python virtual envs.
The debian package and the RPM packages already work this way…So when updating your system with apt-get the pip installed self
contained privacyidea virtualenv will also be updated.Kind regards
CorneliusAm Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz:
Hey guys,
I’m a Debian guy and want to run the software with the latest Debian
8. The documentation tells me to use the Ubuntu packages, but I’m a
bit afraid it this is a long term solution?
Also the packages are only available fot Ubuntu LTS 14.4, not the
16.4.So what is the best way for a mission critical use with some LTS type?
Use of PiP? Use old LTS? Use Debian 7 and wait for a stable Debian 8
package?
I don’t like CentOS, so this is not a real alternative for me.Thanks!
MichaelPlease read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visitFor more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Sadly … yes
Ok, I’ve installed the Trusty packages with Jessie so collect some ideas of
how all things work.
Now I have a fresh setup and was able to import some users from ldap.
Will try to import some Safenet and Feitian tokens and test the WebCA :))
MichaelAm Montag, 6. Juni 2016 11:21:03 UTC+2 schrieb Cornelius Kölbel:
Do you have such a poor standing at the support team?
Of course you will not run it with py-mange the same way you will not
run linotp with the crappy old paster!You will not need an init script, since it runs as a web service.
Read
2.7. The WSGI Script — privacyIDEA 3.8 documentation
and here you will see the real killer feature, i.e.
you can run several independent instances of privacyIDEA on one machine!Kind regards
CorneliusAm Montag, den 06.06.2016, 02:15 -0700 schrieb Michael Muenz:
I checked the PIP stuff, but is this really usable for productive
usage?
This seems to me like a virtual testing environment.Is there a init.script or will I have to start it always via
py-manage?When I think about a support team and teach it how stuff works, they
will kill me when they see a new thing like thisMichael
Am Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,I think there are also some other interesting things, besides the mordern UI and the redesigned REST API like * assign tokens to machines * offline OTP * radius migration * event handler to name a few... Nevertheless, I am curious for your feedback. Kind regards Cornelius Am Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz: > Cornelius, > > > Thanks for your fast reply! Until now I'm very familiar with LinOTP > and it works pretty good with Debian 8, but your new feature to manage > certificates could be a killer (for LinOTP). > I'll have a look at PIP and try to migrate some accounts for testing. > > > Keep up with the good work! > > > Michael > > On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote: > Hello Michael, > > I would recommend using pip with a virtual environment. > Honestly I am also thinking about switching packages to > virtual > environments. PIP installations are also supported by the > enterprise > SLAs. So you can be sure, that this is no dead end. > > The 14.04 packages have dependencies to python modules. The > privacyidea > modules reside in the systems module path. > Dependent modules are also taken from the system. Which is > sometimes > difficult, due to version differences! > And with 16.04 there is also a naming conflict in dependent > modules. > > So I am in fact thinking about having the packages > (deb-packages) > containing self contained python virtual envs. > The debian package and the RPM packages already work this > way... > > So when updating your system with apt-get the pip installed > self > contained privacyidea virtualenv will also be updated. > > Kind regards > Cornelius > > > Am Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz: > > Hey guys, > > > > > > I'm a Debian guy and want to run the software with the > latest Debian > > 8. The documentation tells me to use the Ubuntu packages, > but I'm a > > bit afraid it this is a long term solution? > > Also the packages are only available fot Ubuntu LTS 14.4, > not the > > 16.4. > > > > > > So what is the best way for a mission critical use with some > LTS type? > > Use of PiP? Use old LTS? Use Debian 7 and wait for a stable > Debian 8 > > package? > > I don't like CentOS, so this is not a real alternative for > me. > > > > > > Thanks! > > Michael > > -- > > Please read the blog post about getting help > > https://www.privacyidea.org/getting-help/. > > > > For professional services and consultancy regarding two > factor > > authentication please visit > > https://netknights.it/en/leistungen/one-time-services/ > > > > In an enterprise environment you should get a SERVICE LEVEL > AGREEMENT > > which suites your needs for SECURITY, AVAILABILITY and > LIABILITY: > > > https://netknights.it/en/leistungen/service-level-agreements/ > > --- > > You received this message because you are subscribed to the > Google > > Groups "privacyidea" group. > > To unsubscribe from this group and stop receiving emails > from it, send > > an email to privacyidea...@googlegroups.com. > > To post to this group, send email to > priva...@googlegroups.com. > > Visit this group at > https://groups.google.com/group/privacyidea. > > To view this discussion on the web visit > > >> > For more options, visit https://groups.google.com/d/optout. > > -- > Cornelius Kölbel > corneliu...@netknights.it > +49 151 2960 1417 > > NetKnights GmbH > http://www.netknights.it > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > Tel: +49 561 3166797, Fax: +49 561 3166798 > > Amtsgericht Kassel, HRB 16405 > Geschäftsführer: Cornelius Kölbel > > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit >> For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visitFor more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
I checked the PIP stuff, but is this really usable for productive usage?
This seems to me like a virtual testing environment.
Is there a init.script or will I have to start it always via py-manage?
When I think about a support team and teach it how stuff works, they will
kill me when they see a new thing like this
MichaelAm Montag, 6. Juni 2016 11:00:55 UTC+2 schrieb Cornelius Kölbel:
Hi Michael,
I think there are also some other interesting things, besides the
mordern UI and the redesigned REST API like
- assign tokens to machines
- offline OTP
- radius migration
- event handler
to name a few…Nevertheless, I am curious for your feedback.
Kind regards
CorneliusAm Montag, den 06.06.2016, 01:20 -0700 schrieb Michael Muenz:
Cornelius,
Thanks for your fast reply! Until now I’m very familiar with LinOTP
and it works pretty good with Debian 8, but your new feature to manage
certificates could be a killer (for LinOTP).
I’ll have a look at PIP and try to migrate some accounts for testing.Keep up with the good work!
Michael
On Monday, June 6, 2016 at 10:05:11 AM UTC+2, Cornelius Kölbel wrote:
Hello Michael,I would recommend using pip with a virtual environment. Honestly I am also thinking about switching packages to virtual environments. PIP installations are also supported by the enterprise SLAs. So you can be sure, that this is no dead end. The 14.04 packages have dependencies to python modules. The privacyidea modules reside in the systems module path. Dependent modules are also taken from the system. Which is sometimes difficult, due to version differences! And with 16.04 there is also a naming conflict in dependent modules. So I am in fact thinking about having the packages (deb-packages) containing self contained python virtual envs. The debian package and the RPM packages already work this way... So when updating your system with apt-get the pip installed self contained privacyidea virtualenv will also be updated. Kind regards Cornelius Am Montag, den 06.06.2016, 00:43 -0700 schrieb Michael Muenz: > Hey guys, > > > I'm a Debian guy and want to run the software with the latest Debian > 8. The documentation tells me to use the Ubuntu packages, but I'm a > bit afraid it this is a long term solution? > Also the packages are only available fot Ubuntu LTS 14.4, not the > 16.4. > > > So what is the best way for a mission critical use with some LTS type? > Use of PiP? Use old LTS? Use Debian 7 and wait for a stable Debian 8 > package? > I don't like CentOS, so this is not a real alternative for me. > > > Thanks! > Michael > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit >> For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visitFor more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel