In article <[EMAIL PROTECTED]>, Jens B. Jorgensen <[EMAIL PROTECTED]> wrote: >Hmmm, perhaps you'll have to generate your own intermediate passwd file to >generate the NIS maps.
Ah yes, a possibility is to include the password in /etc/password, and then filter that out again for shadow-capable hosts using /etc/ypserv.conf > However, I would perhaps reconsider using shadow. Unless >you're only serving up some (not root, etc.) passwords from NIS and have set up >NIS to work this way there's no benefit to running shadow locally since NIS is >100% insecure (ie. it'll give up password entries to anyone on your network who >asks). Not true. If set up correctly, it will only serve shadow maps to requests originating from secure ports (eg < 1023), which means a root process. Ofcourse that means you do have to trust all root users on your network. But turning off shadow is certainly the easiest solution (shadowconfig off). You can still have shadow-like security using /etc/ypserv.conf, a feature unique to to the Linux NIS server. Mike. -- Indifference will certainly be the downfall of mankind, but who cares?
