From owner-freebsd-hackers Sun Apr 20 00:28:07 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id AAA09567 for hackers-outgoing; Sun, 20 Apr 1997 00:28:07 -0700 (PDT) Received: from borg.mindspring.com (borg.mindspring.com [204.180.128.14]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id AAA09550; Sun, 20 Apr 1997 00:28:03 -0700 (PDT) Received: from bogus.mindspring.com (user-37kb9ah.dialup.mindspring.com [207.69.165.81]) by borg.mindspring.com (8.8.5/8.8.5) with SMTP id DAA11449; Sun, 20 Apr 1997 03:27:15 -0400 (EDT) Message-Id: <1.5.4.32.19970420072729.00975ec4@mindspring.com> X-Sender: kpneal@mindspring.com X-Mailer: Windows Eudora Light Version 1.5.4 (32) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Sun, 20 Apr 1997 03:27:29 -0400 To: Alex Belits From: "Kevin P. Neal" Subject: Re: Need a common passwd file among machines Cc: Vinay Bannai , freebsd-hackers@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk At 11:05 PM 4/19/97 -0700, Alex Belits wrote: >P.S. Is there any existing thing or at least an idea of making one that >does this thing nicer? NIS is based on rather dumb idea that to >authenticate local user one will want to go to some server and ask him >instead of IMHO more sane approach of distributing authentication >information from that server to always perform authentication locally and >never depend on some host being accessible at the time of user's login. This doesn't scale. Well, not really. At NCSU they use Hesiod+Kerberos to handle logins. This way they don't have to keep I don't know how many hundred or thousand machines /etc/passwd files current. Also, they don't have passwords going on the wire in the clear -- the passwords are handled in a safe manner by Kerberos. Along with this is the fact that passwords are *never* stored on client machines -- a security bonus. This is much saner than distributing /etc/passwd files everywhere, IMHO. -- XCOMM Kevin P. Neal, Junior, Comp. Sci. - House of Retrocomputing XCOMM mailto:kpneal@pobox.com - http://www.pobox.com/~kpn/ XCOMM kpneal@eos.ncsu.edu Spoken by Keir Finlow-Bates: XCOMM "Good grief, I've just noticed I've typed in a rant. Sorry chaps!"