From owner-freebsd-isp Mon Oct 4 13: 5:52 1999 Delivered-To: freebsd-isp@freebsd.org Received: from cliff.i-plus.net (cliff.i-plus.net [209.100.20.42]) by hub.freebsd.org (Postfix) with ESMTP id 9D34E1555C for ; Mon, 4 Oct 1999 13:05:33 -0700 (PDT) (envelope-from st@i-plus.net) Received: from ARCADIA (arcadia.i-plus.net [209.100.20.198]) by cliff.i-plus.net (8.9.3/8.9.3) with SMTP id QAA28611 for ; Mon, 4 Oct 1999 16:05:33 -0400 (EDT) From: "Troy Settle" To: "FreeBSD ISP" Subject: RE: One password base for some *NIX boxes Date: Mon, 4 Oct 1999 16:05:21 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <199910041921.MAA70531@pau-amma.whistle.com> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > >The easiest answer, is NIS. But, NIS isn't exactly secure. > > True enough. > > >... > > >When implementing this, you'll need to educate your users so > they'll know to > >change their passwords on the master server only .... > > It's not apparent to me why the above suggestion was made. > > Within the Engineering net here, we use NIS. And I assure you that my > desktop isn't even a NIS slave server. You missed the 2nd paragraph of my post... I'd already left NIS out of the picture as a solution: >> I'd reccomend that you select one box to be your master server, >> then use ssh and some perl to generate and distribute appropriate >> passwd and shadow files to the other servers. > > Yet: > > pau-amma[1]% passwd > Changing NIS password for dhw on prawn.whistle.com. > Old Password: > > you will see that I had an opportunity to change my NIS password from a > NIS client machine, using the usual "passwd" command. Of course, but again, I stopped talking about NIS after the first line of my post. Laterz, Troy To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message