Date: Sun, 20 Apr 1997 03:27:29 -0400 From: "Kevin P. Neal" <kpneal@pobox.com> To: Alex Belits <abelits@phobos.illtel.denver.co.us> Cc: Vinay Bannai <vinay@agni.nuko.com>, freebsd-hackers@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Subject: Re: Need a common passwd file among machines Message-ID: <1.5.4.32.19970420072729.00975ec4@mindspring.com>
next in thread | raw e-mail | index | archive | help
At 11:05 PM 4/19/97 -0700, Alex Belits wrote: >P.S. Is there any existing thing or at least an idea of making one that >does this thing nicer? NIS is based on rather dumb idea that to >authenticate local user one will want to go to some server and ask him >instead of IMHO more sane approach of distributing authentication >information from that server to always perform authentication locally and >never depend on some host being accessible at the time of user's login. This doesn't scale. Well, not really. At NCSU they use Hesiod+Kerberos to handle logins. This way they don't have to keep I don't know how many hundred or thousand machines /etc/passwd files current. Also, they don't have passwords going on the wire in the clear -- the passwords are handled in a safe manner by Kerberos. Along with this is the fact that passwords are *never* stored on client machines -- a security bonus. This is much saner than distributing /etc/passwd files everywhere, IMHO. -- XCOMM Kevin P. Neal, Junior, Comp. Sci. - House of Retrocomputing XCOMM mailto:kpneal@pobox.com - http://www.pobox.com/~kpn/ XCOMM kpneal@eos.ncsu.edu Spoken by Keir Finlow-Bates: XCOMM "Good grief, I've just noticed I've typed in a rant. Sorry chaps!"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1.5.4.32.19970420072729.00975ec4>