From owner-freebsd-questions  Tue Sep 12  6:41: 2 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from 01.dhcp.hck.carroll.com (core1.hck.carroll.com [216.44.16.2])
	by hub.freebsd.org (Postfix) with ESMTP id EAD4237B423
	for <questions@freebsd.org>; Tue, 12 Sep 2000 06:41:00 -0700 (PDT)
Received: (from damien@localhost)
	by 01.dhcp.hck.carroll.com (8.9.3/8.9.3) id JAA29252;
	Tue, 12 Sep 2000 09:42:31 -0400 (EDT)
	(envelope-from damien)
Date: Tue, 12 Sep 2000 09:42:31 -0400
From: Damien Tougas <damien@carroll.com>
To: Drew Sanford <drew@planetwe.com>, cjclark@alum.mit.edu
Cc: questions@freebsd.org
Subject: Re: Passwords && loadbalancing && multiple machines (oh my)
Message-ID: <20000912094231.C29216@carroll.com>
References: <39BD16E9.E5D40A67@planetwe.com> <20000911233934.K69158@149.211.6.64.reflexcom.com> <39BD16E9.E5D40A67@planetwe.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <39BD16E9.E5D40A67@planetwe.com>; from drew@planetwe.com on Mon, Sep 11, 2000 at 12:31:21PM -0500
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>Kerberos is not easy to configure and requires more resources. if you
>are sharing between three machines, setting up a fourth to be the
>server might not be worth it. I have used Kerberized environments, but
>never built one from scratch. The plus: very strong security. But
>whereas NIS is very weak, Kerberos can be overkill.

The other problem with Kerberos is that it is used for authentication
only, you still need /etc/passwd and /etc/group on every machine for
authorization.

-- 
Damien Tougas
Systems Administrator
Carroll-Net, Inc.
http://www.carroll.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message