Date: Mon, 13 Mar 2000 17:33:39 -0800 (PST) From: "Dan B. " <danielb@pacex.net> To: Hugh Blandford <hugh@island.net.au> Cc: cjclark@home.com, Mike <mikey@kappaisle.com>, freebsd-isp@FreeBSD.ORG Subject: Re: Password distribution and authentication Message-ID: <Pine.BSF.4.10.10003131711110.17253-100000@almazs.pacex.net> In-Reply-To: <00f501bf8cac$832b9bc0$088ea8c0@island.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 13 Mar 2000, Hugh Blandford wrote: > Hi All, > > when ever these discussions come up, invariably someone suggests the use of > kerberos. Have any ISPs implemented this solution across their servers? > Have you used NIS to keep the passwords in sync? I would be most interested > to hear what people have done in this area. About a year ago I run in to a situation where I had to sync user password and group files across two servers. With some good help from some one who has done this before we used rsync to sync data between the servers and with a couple of modification to 'adduser' and 'vipw' every time you add user or modifiey the password file rsync send a copy of the files to the "secondary" server via SSH. This worked great for our small application but I had some concerns using 'PermitRootLogin yes' in sshd_config of the "secondary server" (script requires root status to modify passwd file) so I had to disable it :( . I am open to criticism, suggestion. e.t.c as how password syncing can be done across servers SAFELY. Dan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10003131711110.17253-100000>