Date: Thu, 15 Feb 1996 12:32:32 -0800 (PST) From: Michael Dillon <michael@memra.com> To: "Miguel A.L. Paraz" <map@iphil.net> Cc: Andrew Webster <andrew@nash.pubnix.net>, freebsd-isp@FreeBSD.org Subject: Re: RADIUS Message-ID: <Pine.LNX.3.91.960215122459.22590A-100000@okjunc.junction.net> In-Reply-To: <199602150444.MAA08392@marikit.iphil.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 15 Feb 1996, Miguel A.L. Paraz wrote: > Along this line, I previously asked for suggestions on good > multiport cards to use for FreeBSD. I also plan to stick a > sync serial board to make the system a one-box solution > for ISPs. Bad idea except for tiny startups or in-house corporate systems. > I would appreciate advice on how to use such a system where > user accounts are divided between different boxes. Would > NIS/NIS+ do it? Or perhaps, a distributed RADIUS system > like in the (complicated) Merit radiusd? Start by making the FreeBSD terminal server into a terminal server. That is to say, no accounts on it at all except root. Strip just about everything out of /etc/inetd.conf. Make it so that a successful RADIUS login either gives a PPP or SLIP session, or else it rlogins to another box which is the shell/mail server and has the user accounts. You can handle hundreds of shell accounts on one box. If they are only POP email you can probably handle thousands. But you would not want to put more than 32 lines on a single FreeBSD terminal server. NIS is a bad idea since it has too many security holes. Michael Dillon Voice: +1-604-546-8022 Memra Software Inc. Fax: +1-604-546-3049 http://www.memra.com E-mail: michael@memra.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.91.960215122459.22590A-100000>