Then use kerberos, it is better stuff. Also there is NIS+, my choice..
NIS sucks: easily spoofed and eavesdroped.
Kerberos is good but is compilacted. Not for the faint of heart.
NIS+ is good stuff.
-Uses public key crypt.(not base on that secure "auth server" bullshit
that kerberos relizes on)
-secure RPC which NIS+ uses is built into Sun's RPC sys. so it is
transparent unlike kerberos.
If properly configure NIS+ can be very secure for network mang. and auth.
1.) Do not run NIS+ to be compatible to NIS
2.) Secure the NIS+ server and run in security level 2 mode
Goood Luck
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You may be disappointed if you fail, but you are doomed if you never try
- - - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - -
WEB: http://diesel.syr.edu
PGP: http://diesl.syr.edu/~djslatte/mykey.asc
- - - - - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - -
On Tue, 12 May 1998 [EMAIL PROTECTED] wrote:
> I've never used NIS but I think it would be handy not to have to maintain
> individual accounts across three Linux systems if NIS could do the job.
> The number of systems could grow.
>
> However, a glance at Essential System Administration by Aeleen Frisch
> (O'Reilly & Associates) bids me pause. She says "NIS is a security
> nightmare" (p. 616).
>
> Any thoughts about this from experienced NISsers?
>
> Gene
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
> To unsubscribe: mail [EMAIL PROTECTED] with
> "unsubscribe" as the Subject.
>
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
