Date: Mon, 31 Jan 2000 14:55:04 -0500 (EST) From: spork <spork@super-g.com> To: Hugh Blandford <hugh@island.net.au> Cc: isp@freebsd.org Subject: Re: Centralized auth shell/pop/dial Message-ID: <Pine.BSF.4.00.10001311453240.19512-100000@super-g.inch.com> In-Reply-To: <002701bf695d$4e9dc260$088ea8c0@island.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Yes, I saw that thread, but it was simply a "I think you can do that" response. Looking over the Kerberos FAQ I don't see any mention of this. Still trying to get the "big picture" of just how Kerberos works. If anyone is doing such a thing, I'd be very interested in the details... I've turned up zilch on the mailing list searches so far. Thanks, --- Charles Sprickman spork@super-g.com --- "...there's no idea that's so good you can't ruin it with a few well-placed idiots." On Fri, 28 Jan 2000, Hugh Blandford wrote: > Hi Charles, > > there was some suggestion that you could integrate NIS and Kerberos but I > haven't been able to find any info on anyone who has done it. I would love > to hear from people who have done this, especially if they got in running on > sub-T1 WANs. > > Regards, > > Hugh > > ----- Original Message ----- > From: spork <spork@super-g.com> > To: <freebsd-isp@FreeBSD.ORG> > Sent: Friday, January 28, 2000 11:15 AM > Subject: Centralized auth shell/pop/dial > > > > Hello, > > > > I know this is something of a recurring question on this list, but here it > > comes again, the one that all ISPs that reach a certain size they realize > > they must come here and ask... > > > > What options exist to scale user management beyond a few boxes? I never > > touched NIS, but it seems interesting. However, I refuse to run any > > rpc-based service unless I really need to. We currently have users spread > > out over a number of boxes; ftp/shell/www, pop/radius, pop for dedicated > > line users. It's getting to be a mess, I want to control/create these > > accounts on one machine. > > > > If someone like Matt (from BEST) could chime in on what their scheme was > > as they grew to multiple shell/pop servers, I'd love to hear it. > > > > I'm open to stashing all the auth info in a database, one big password > > file, anything. I'm also comfortable ssh-ing files around from box to > > box... > > > > What is the status of things that could make NIS more secure like IPSec? > > Where's LDAP going? Any news about 4.0 that could make distributed auth. > > easier? > > > > Thanks, > > > > Charles > > > > --- > > Charles Sprickman > > spork@super-g.com > > --- > > "...there's no idea that's so good you can't > > ruin it with a few well-placed idiots." > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.00.10001311453240.19512-100000>