From owner-freebsd-isp  Tue Oct  6 09:02:57 1998
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA13876
          for freebsd-isp-outgoing; Tue, 6 Oct 1998 09:02:57 -0700 (PDT)
          (envelope-from owner-freebsd-isp@FreeBSD.ORG)
Received: from consuela.megasurf.net (consuela.megasurf.net [209.96.180.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA13871
          for <freebsd-isp@FreeBSD.ORG>; Tue, 6 Oct 1998 09:02:55 -0700 (PDT)
          (envelope-from dhundley@consuela.megasurf.net)
Received: from localhost (dhundley@localhost) by consuela.megasurf.net (8.8.7/8.6.12) with SMTP id RAA00227; Tue, 6 Oct 1998 17:24:38 GMT
Date: Tue, 6 Oct 1998 17:24:38 +0000 (GMT)
From: Delbert Hundley <dhundley@consuela.megasurf.net>
To: Troy Settle <rewt@i-Plus.net>
cc: Chris Shenton <chris@shenton.org>, freebsd-isp@FreeBSD.ORG
Subject: Re: How to share accounts between mail/pop and web servers?
In-Reply-To: <Pine.BSF.3.96.981006082608.12877A-100000@Radford.i-Plus.net>
Message-ID: <Pine.BSF.3.96.981006172251.214A-100000@consuela.megasurf.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

What's scp?  I am also preparing to do the same - prepare for growth.

Del Hundley
MegaSurf, Inc.

On Tue, 6 Oct 1998, Troy Settle wrote:

> 
> On 5 Oct 1998, Chris Shenton wrote:
> 
> > I'm supporting an ISP who's outgrown the single box we have running
> > WWW, FTP, SMTP, POP, and IMAP.  It also does RADIUS authentication for
> > the dialup server. Accounts are created on this single box so the user
> > gets RADIUS authenticated against /etc/passwd, just as the FTP, POP,
> > IMAP stuff does. The normal "adduser" script is run to create
> > accounts. 
> > 
> > I plan to split into two boxes: one for WWW and FTP, the other for
> > SMTP, POP, and IMAP.  Not sure where I'm gonna run RADIUS yet, maybe
> > on both for redundancy.
> 
> Good plan
>  
> > How would you securely and robustly mirror the /etc/passwd type of
> > information? 
> > 
> > I'm not keen on NIS, due to security concerns.  In other situations,
> > I've used "rsync" over "ssh" with host key authentication and it's
> > worked well. I've never used it for /etc/passwd and I'm concerned
> > about stuff like failed updates or partial updates leaving the send-to
> > box with a corrupt /etc/passwd, preventing everyone (including root)
> > access. 
> > 
> > What have you used that works well for you? 
> 
> I skipped the rsync option, and went straight for scp and pwd_mkdb.  This
> solution has worked rather well for the past year or so.
> 
> 
> --
>   Troy Settle <st@i-Plus.net>
>   Network Administrator, iPlus Internet Services
>   http://www.i-Plus.net
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message