From owner-freebsd-security  Wed Nov  3  9:59: 0 1999
Delivered-To: freebsd-security@freebsd.org
Received: from broccoli.graphics.cornell.edu (broccoli.graphics.cornell.edu [128.84.247.53])
	by hub.freebsd.org (Postfix) with ESMTP id 6190A1553C
	for <freebsd-security@FreeBSD.ORG>; Wed,  3 Nov 1999 09:58:52 -0800 (PST)
	(envelope-from mkc@Graphics.Cornell.EDU)
Received: from graphics.cornell.edu by broccoli.graphics.cornell.edu with ESMTP
	(1.37.109.16/16.2) id AA215051921; Wed, 3 Nov 1999 12:58:41 -0500
Message-Id: <199911031758.AA215051921@broccoli.graphics.cornell.edu>
X-Mailer: exmh version 2.0zeta 7/24/97
To: Greg Lewis <glewis@trc.adelaide.edu.au>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Security and NIS - alternatives? 
In-Reply-To: Your message of "Wed, 03 Nov 1999 18:41:13 +1030."
             <199911030811.SAA29824@ares.maths.adelaide.edu.au> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 03 Nov 1999 12:58:40 -0500
From: Mitch Collinsworth <mkc@Graphics.Cornell.EDU>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>This is not meant to be a complaint, I simply wish to ask if there is a
>more secure alternative?  I'd like one where passwords were not sent over
>the network except via something like SSL or an ssh tunnel.

NIS doesn't send plain text passwords over the net.  It only sends the
encrypted form over the net.  The plain text is encrypted on the client
and compared against the encrypted form.

If you want something better than that, have a look at kerberos.

-Mitch



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message