From owner-freebsd-questions@FreeBSD.ORG  Mon Sep  8 14:59:10 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 01CC416A4BF
	for <freebsd-questions@freebsd.org>;
	Mon,  8 Sep 2003 14:59:10 -0700 (PDT)
Received: from mx1.lphp.org (APastourelles-107-1-7-53.w217-128.abo.wanadoo.fr
	[217.128.208.53])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EE2A343FE3
	for <freebsd-questions@freebsd.org>;
	Mon,  8 Sep 2003 14:59:07 -0700 (PDT)
	(envelope-from ajacoutot@lphp.org)
Received: from sta01 (sta01.lphp.org.local [192.168.0.4])
	by mx1.lphp.org (8.12.8p1/8.12.8) with ESMTP id h88Lx6Sn076731
	for <freebsd-questions@freebsd.org>;
	Mon, 8 Sep 2003 23:59:06 +0200 (CEST)
	(envelope-from ajacoutot@lphp.org)
From: Antoine Jacoutot <ajacoutot@lphp.org>
To: freebsd-questions@freebsd.org
Date: Mon, 8 Sep 2003 23:59:04 +0200
User-Agent: KMail/1.5.3
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-Description: clearsigned data
Content-Disposition: inline
Message-Id: <200309082359.07548.ajacoutot@lphp.org>
Subject: nis security
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Sep 2003 21:59:10 -0000

=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi !

I'm building a new network for my company.
I need centralized authentication and looked after LDAP to achieve this.=20
Unfortunately, there are 2 points that make me wonder the good use of it:
1. nss_ldap and pam-ldap need FreeBSD-5.1 and are not for production use
2. I really don't feel confident with LDAP

So, I was thinking about using NIS instead, with which I feel much more=20
confident. I understand it is really not secure, so I was looking about mor=
e=20
information on this: why is is unsecure, does it send password in clear tex=
t=20
?
Does anyone know a solution for securing NIS, using ssh or encrypted tunnel=
s=20
or anything... I am open to any new idea :)

Thanks in advance.

Regards.

=2D --=20
Antoine Jacoutot
ajacoutot@lphp.org
http://www.lphp.org
PGP/GnuPG key: http://www.lphp.org/ressources/ajacoutot.asc
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQE/XPurY3Hnhkr+5cQRApxHAJ9du/ldsVG7pqYnufYo8kDkZ1mlQACfa2ti
BPXC0Pvd4zPMtY9yFXjvkoc=3D
=3DLfHT
=2D----END PGP SIGNATURE-----