Date: Sat, 25 Sep 2004 17:02:42 +0300 From: Giorgos Keramidas <keramida@freebsd.org> To: Steve Shorter <steve@nomad.tor.lets.net> Cc: dwbear75@gmail.com Subject: Re: sharing /etc/passwd Message-ID: <20040925140242.GB78219@gothmog.gr> In-Reply-To: <20011107211316.A7830@nomad.lets.net> References: <Pine.LNX.4.33.0111071900280.24824-100000@moroni.pp.asu.edu> <20011107211316.A7830@nomad.lets.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2001-11-07 21:13, Steve Shorter <steve@nomad.tor.lets.net> wrote: > On Wed, Nov 07, 2001 at 07:02:09PM -0700, David Bear wrote: > > I need to sync /etc/passwd and /etc/group among multiple machines. I was > > thinking ldap would be a good method but am concerned about > > > > 1) the most secure way to do it > > 2) the most stable > > 3) things I don't know about this but should... > > > > any pointers to man pages/docs would be appreciated. > > Hmm... how about rsync? /usr/ports/net/rsync > -steve After reading a nice paper by Val Henson[1] I'm not so sure I'd trust sensitive information like password data to rsync without making sure that compare-by-hash is disabled if at all possible. There are other ways to use a common authentication server, shared by many machines. Kerberos and NIS or NIS+ are good examples. At least better than a ``blind copy'' of password files with rsync. Giorgos. --- References --- [1] Val Henson, "An Analysis of Compare-by-hash". In Proceedings of "HotOS IX: The 9th Workshop on Hot Topics in Operating Systems", pp. 13-18. [ http://www.nmt.edu/~val/review/hash.html ]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040925140242.GB78219>