Date: Wed, 07 Nov 2001 20:47:35 -0700 (MST) From: David Bear <David.Bear@asu.edu> To: security@freebsd.org Subject: NIS, rsync, and LDAP Re: sharing /etc/passwd Message-ID: <Pine.LNX.4.33.0111072043550.24824-100000@moroni.pp.asu.edu> In-Reply-To: <20011107223549.B80839-100000@topperwein.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 7 Nov 2001, Chris BeHanna wrote: > > On Wed, 7 Nov 2001, David Bear wrote: > > > > > I need to sync /etc/passwd and /etc/group among multiple machines. I was > > thinking ldap would be a good method but am concerned about > > > > 1) the most secure way to do it > > 2) the most stable > > 3) things I don't know about this but should... > > > > any pointers to man pages/docs would be appreciated. > > NIS is the standard way to do this. I dunno if FreeBSD supports > NIS+, which buys you encryption when the maps are pushed from masters > to slaves, and for ypbind queries to ypserv (standard NIS does this in > cleartext). > other recommendations include ldap_pam and rsync. Thanks for the suggestions. I was not even considering NIS becuase of what I have heard about security issue with it. I live in a completely untrusted network. So, it really needs to be safe. It would be nice to be able to share /etc/passwd between Linux and Freebsd -- so some layer of abstraction like an ldap_pam would be great. I didn't know ldap pam existed. I'll look into it. any other pointers? > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.33.0111072043550.24824-100000>