We have several hundred users who will be accessing 4 systems
on our network (all Solaris 2.4 systems.
Is it possible to use NIS/NIS+ to share the password/shadow files
(which are the only files we are concerned about sharing) without
having to have public/private keypairs for *every* user, while
still maintaining strong security over the shadow password file?
That is, is it possible to set up NIS or NIS+ so that the *system*
credential (i.e. root credentials) are good enough to qualify a user
as being authenticated to update their own password?
It seems that it would be possible to ensure authentication of
a particular user simply based upon the system they are coming
from, rather than each person having to manage their own
I am just trying to avoid the hassle of educating our
users about this keypair stuff while still maintaining NIS+
Any suggestions would be appreciated...