From owner-freebsd-isp Fri Oct 9 06:27:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA00941 for freebsd-isp-outgoing; Fri, 9 Oct 1998 06:27:23 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from Radford.i-Plus.net (Radford.i-Plus.net [208.24.67.15]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA00923 for ; Fri, 9 Oct 1998 06:27:21 -0700 (PDT) (envelope-from rewt@i-Plus.net) Received: from Radford.i-Plus.net (rewt@Radford.i-Plus.net [208.24.67.15]) by Radford.i-Plus.net (8.8.8/8.8.5) with SMTP id JAA16378; Fri, 9 Oct 1998 09:26:40 -0400 (EDT) Date: Fri, 9 Oct 1998 09:26:40 -0400 (EDT) From: Troy Settle To: Delbert Hundley cc: Chris Shenton , freebsd-isp@FreeBSD.ORG Subject: Re: How to share accounts between mail/pop and web servers? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org scp is the secure version of rcp, found with the SSH distribution. Information on SSH, and a link to the source (which builds cleanly on -STABLE) can be found at http://www.cs.hut.fi/ssh This package contains everything you need for secure communications between hosts. If you're like me, and have an NT (or 95/98) box for a workstation, you can find several SSH clients on the web. The best I've seen so far, is SecureCRT from Van Dyke Technologies: http://www.vandyke.com/products/beta/SecureCRT/index.html Good luck with it all... if you have questions on installation and configuration, please ask the list, I won't respond to private email. -- Troy Settle Network Administrator, iPlus Internet Services http://www.i-Plus.net On Tue, 6 Oct 1998, Delbert Hundley wrote: > What's scp? I am also preparing to do the same - prepare for growth. > > Del Hundley > MegaSurf, Inc. > > On Tue, 6 Oct 1998, Troy Settle wrote: > > > > > On 5 Oct 1998, Chris Shenton wrote: > > > > > I'm supporting an ISP who's outgrown the single box we have running > > > WWW, FTP, SMTP, POP, and IMAP. It also does RADIUS authentication for > > > the dialup server. Accounts are created on this single box so the user > > > gets RADIUS authenticated against /etc/passwd, just as the FTP, POP, > > > IMAP stuff does. The normal "adduser" script is run to create > > > accounts. > > > > > > I plan to split into two boxes: one for WWW and FTP, the other for > > > SMTP, POP, and IMAP. Not sure where I'm gonna run RADIUS yet, maybe > > > on both for redundancy. > > > > Good plan > > > > > How would you securely and robustly mirror the /etc/passwd type of > > > information? > > > > > > I'm not keen on NIS, due to security concerns. In other situations, > > > I've used "rsync" over "ssh" with host key authentication and it's > > > worked well. I've never used it for /etc/passwd and I'm concerned > > > about stuff like failed updates or partial updates leaving the send-to > > > box with a corrupt /etc/passwd, preventing everyone (including root) > > > access. > > > > > > What have you used that works well for you? > > > > I skipped the rsync option, and went straight for scp and pwd_mkdb. This > > solution has worked rather well for the past year or so. > > > > > > -- > > Troy Settle > > Network Administrator, iPlus Internet Services > > http://www.i-Plus.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message