Date: Thu, 8 Nov 2001 06:01:38 -0500 (EST) From: Chris BeHanna <behanna@zbzoom.net> To: <security@freebsd.org> Subject: Re: NIS, rsync, and LDAP Re: sharing /etc/passwd Message-ID: <20011108060035.E29102-100000@topperwein.dyndns.org> In-Reply-To: <20011107211926.A28670@hq.newdream.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 7 Nov 2001, Will Yardley wrote:
> Jim Flowers wrote:
>
> > > It would be nice to be able to share /etc/passwd between Linux and
> > > Freebsd -- so some layer of abstraction like an ldap_pam would be
> > > great. I didn't know ldap pam existed. I'll look into it.
>
> > An advantage of Kerberos, perhaps?
>
> we use the same database for multiple platforms by storing everything in
> a mysql database and then using a perl script to create the password
> files and push them onto the machines (and create the passwd db files
> for freebsd of course).
>
> perhaps not as elegant or complicated as ldap or kerberos, but it is
> pretty effective, and pretty secure since scp is used to copy the files
> from the controller machines.
This sounds pretty cool, although you should go to the dsniff home
page and read what the guy has to say about defeating ssh/scp.
--
Chris BeHanna
Software Engineer (Remove "bogus" before responding.)
behanna@bogus.zbzoom.net
I was raised by a pack of wild corn dogs.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011108060035.E29102-100000>