Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 31 Jan 2000 14:55:04 -0500 (EST)
From:      spork <spork@super-g.com>
To:        Hugh Blandford <hugh@island.net.au>
Cc:        isp@freebsd.org
Subject:   Re: Centralized auth shell/pop/dial
Message-ID:  <Pine.BSF.4.00.10001311453240.19512-100000@super-g.inch.com>
In-Reply-To: <002701bf695d$4e9dc260$088ea8c0@island.net.au>

next in thread | previous in thread | raw e-mail | index | archive | help
Yes, I saw that thread, but it was simply a "I think you can do that"
response.  Looking over the Kerberos FAQ I don't see any mention of this.
Still trying to get the "big picture" of just how Kerberos works.

If anyone is doing such a thing, I'd be very interested in the details...
I've turned up zilch on the mailing list searches so far.

Thanks,

---
Charles Sprickman
spork@super-g.com
--- 
                     "...there's no idea that's so good you can't 
                      ruin it with a few well-placed idiots." 

On Fri, 28 Jan 2000, Hugh Blandford wrote:

> Hi Charles,
> 
> there was some suggestion that you could integrate NIS and Kerberos but I
> haven't been able to find any info on anyone who has done it.  I would love
> to hear from people who have done this, especially if they got in running on
> sub-T1 WANs.
> 
> Regards,
> 
> Hugh
> 
> ----- Original Message -----
> From: spork <spork@super-g.com>
> To: <freebsd-isp@FreeBSD.ORG>
> Sent: Friday, January 28, 2000 11:15 AM
> Subject: Centralized auth shell/pop/dial
> 
> 
> > Hello,
> >
> > I know this is something of a recurring question on this list, but here it
> > comes again, the one that all ISPs that reach a certain size they realize
> > they must come here and ask...
> >
> > What options exist to scale user management beyond a few boxes?  I never
> > touched NIS, but it seems interesting.  However, I refuse to run any
> > rpc-based service unless I really need to.  We currently have users spread
> > out over a number of boxes; ftp/shell/www, pop/radius, pop for dedicated
> > line users.  It's getting to be a mess, I want to control/create these
> > accounts on one machine.
> >
> > If someone like Matt (from BEST) could chime in on what their scheme was
> > as they grew to multiple shell/pop servers, I'd love to hear it.
> >
> > I'm open to stashing all the auth info in a database, one big password
> > file, anything.  I'm also comfortable ssh-ing files around from box to
> > box...
> >
> > What is the status of things that could make NIS more secure like IPSec?
> > Where's LDAP going?  Any news about 4.0 that could make distributed auth.
> > easier?
> >
> > Thanks,
> >
> > Charles
> >
> > ---
> > Charles Sprickman
> > spork@super-g.com
> > ---
> >                      "...there's no idea that's so good you can't
> >                       ruin it with a few well-placed idiots."
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-isp" in the body of the message
> >
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.00.10001311453240.19512-100000>