Hello,
I would like to start sharing the password file among a group of SGI's.
Problem: NIS is just too insecure. Are there any reasonable alternatives?
Thanks
--
Benjamin Z. Golds*
by Benjamin Z. Goldste » Tue, 21 May 1996 04:00:00
Hello,
I would like to start sharing the password file among a group of SGI's.
Problem: NIS is just too insecure. Are there any reasonable alternatives?
Thanks
--
Benjamin Z. Golds*
by Nathan C. Burne » Wed, 22 May 1996 04:00:00
: Hello,
: I would like to start sharing the password file among a group of SGI's.
: Problem: NIS is just too insecure. Are there any reasonable alternatives?
:
NIS+ is supposed to be at least a little bit more secure. My site uses
NeXTstep's Netinfo extensivly. But it's hard to find non-NeXT netinfo
software. If you've got a NeXT laying around though it might be worth
looking into.
Nate
--
---
Nathan C. Burnett "Always in motion is the future"
http://chestnut.enmu.edu/~burnettn Yoda
The Wings will have the Cup in '96!!!
by Elliot Le » Wed, 22 May 1996 04:00:00
Some places use rdist to distribute the password file. While rdist hasQuote:> Hello,
> I would like to start sharing the password file among a group of SGI's.
> Problem: NIS is just too insecure. Are there any reasonable alternatives?
\\\| Elliot Lee |\\\ || Claim to fame:
\\\| Red Hat Software |\\\ || "Geek of the Week" for three years
\\\| Webmaster www.redhat.com, |\\\ || running.
\\\| Programmer, etc. |\\\ ||
by Chris Wal » Wed, 22 May 1996 04:00:00
>> Hello,
>> I would like to start sharing the password file among a group of SGI's.
>> Problem: NIS is just too insecure. Are there any reasonable alternatives?
>Some places use rdist to distribute the password file. While rdist has
>had some security problems, and it does require setting root's .rhosts
>file, it should be no problem if you use TCP Wrappers to limit access to
>the rlogin/rshell services (which are used to start up the rdist daemon
>on demand).
INTRODUCTION
The System for Password Management (SPM, pronounced "spam") is a
replacement for passwd, yppasswd, chsh, ypchsh, chfn, ypchfn and
rpc.yppasswdd. It allows a user to change his/her password, login
shell, and GECOS.
Please read the paper "SPM: System for Password Management"
(ftp://usc.edu/pub/spm/paper/spm-lisa95.ps) for a more detailed
description.
FEATURES
The following is a list of features provided by SPM that are not normally
found in most UNIX implementations:
- Consistant user interface across heterogeneous OSs and password facilities
(i.e. /etc files, YP/NIS).
[...]
--
ECE Dept., Northwestern Univ. for PGP 2.6.2 public key
Evanston, IL
http://web.ece.nwu.edu/~mack23/
by Larry Gla » Wed, 22 May 1996 04:00:00
>>> Hello,
>>> I would like to start sharing the password file among a group of SGI's.
>>> Problem: NIS is just too insecure. Are there any reasonable alternatives?
>You might also investigate "spm". From the README:
> INTRODUCTION
>The System for Password Management (SPM, pronounced "spam") is a
>replacement for passwd, yppasswd, chsh, ypchsh, chfn, ypchfn and
>rpc.yppasswdd. It allows a user to change his/her password, login
>shell, and GECOS.
>Please read the paper "SPM: System for Password Management"
>(ftp://usc.edu/pub/spm/paper/spm-lisa95.ps) for a more detailed
>description.
The server is residing on a SunOS 4.1.3 machine and the clients are SGI IRIX.
Larry
--
Larry Glaze | "...Life's a bummer..."
System Administrator | --Smashing Pumpkins
The Ohio State University | All opinions are my own
1. can NIS and NIS+ share maps?
Hello, we have a network of 100 or so machines, almost all Suns, but a
few are SGIs. We are considering migrating to NIS+, for the security
and performance benefits. By that I mean the NIS+ feature where
clients can have multiple masters and are therefore not hosed when
their master goes down, they can just use another one. However, are
there any performance hits from NIS+ vs. NIS?
My main question though, is that since the SGIs are NIS only, if we
went to NIS+ we would have to run the NIS+ master(s) in YP
compatibility mode, which I understand would negate most or all of the
security benefits, OR we could have a separate NIS group, containing
*just* the SGIs. However, I would still need to be able to share
files, particularly home directories, via the automounter, between the
NIS group and the NIS+ group. Can I share the automounter maps
between an NIS master and an NIS+ master?
I would appreciate any pointers! I hope I am making sense.... :)
Thanks a bunch,
--eric
--
Try `stty 0' -- it works much better.
Eric D. Hendrickson Computational Biology Centers/Medical School
Senior Analyst/Programmer University of Minnesota, Twin Cities, USA
612/625-3644 (phone) <a href="http://umn.edu/~edh">Crystal Cave</a>
612/626-0623 (fax) Damnit! I can't stop the heterocyclic declination!
4. tool for traffic-monitoring
6. Problem with mouse on 16450 port
7. LDAP / Active Directory or other alternatives to NIS+ ???
8. Garbage character sets on terminal and termservers
13. Alternatives to NIS on AIX?