Thanks for replies, I haven't been able to do a "real-life" test as the computers didn't arrive yet. In the meantime I got some remarks here which result in more questions.
I got a reply the is not on the list from Steve Stancliff <[EMAIL PROTECTED]>, he says: > As others mentioned, NFS is the way to mount the > homes from the fileserver. I advise not using > autofs for mounting the homes, just mount them > in fstab. Autofs is very flaky. Could anyone comment on this and mention the pros and cons of both solutions? Why is autofs flaky? > Also, NIS is the usual method of synchronizing files, > such as /etc/passwd, but NIS also is flaky, and it > supposedly has security issue. NIS also defeats > password shadowing, since it will pass the shadow > file in the clear. On our system I replaced NIS with > a password distribution system using scp (part of ssh). I also heard that NIS is not very secure, and as mentioned before there already is an LDAP-server on the Server-Box which could serve as a User-Database as well (using PAM). Has anyone done this before? > If you don't allow users to change their passwords > (which is often a good idea, so you can enforce > reasonably strong passwords), then you don't need > automated distribution anyway - you can just scp the > passwd files after you change them. If you use a > public-private keypair for authentication of root, > then you can do this without having to type in all > the passwords. But then in that case if someone > gets root on your server, he has root on all machines. > (But really, if he has root on your server you're > hosed anyway.) Weak passwords are not so much a problem as the people who use the computers are not so evil. If everyone has her own background image to play with they won't try to spy out passwords ;-} If you there are HOWTOs, FAQs, manuals or other resources on the web that answer all these question, please tell me! Thanks a lot!! - Konrad Mierendorff
