Date: Tue, 27 May 2003 12:22:53 -0700 From: Michael Collette <metrol@metrol.net> To: FreeBSD Security <FreeBSD-Security@FreeBSD.org> Subject: Re: multihost master.passwd sync Message-ID: <200305271222.53532.metrol@metrol.net> In-Reply-To: <3ED3BA9B.5020008@centtech.com> References: <XFMail.20030527151057.ah60@httpsite.com> <3ED3BA9B.5020008@centtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hey, that was my post! :) On Tuesday 27 May 2003 12:20 pm, Eric Anderson wrote: > Andy Harrison wrote: > >>Why not just preconfigure SSH keys between the boxes and scp the file > >> across? Seems like a lot of extra work to bring PGP into the mix. > > > > Because we don't allow root login remotely, mandated from above. > > so you scp the file to a directory owned by a user designated to only do > this function.. then have a cron job that fires up every so often that > snags that file and updates the running master.passwd file.. > > >>Personally, I'm real curious about utilizing an LDAP backend to replace > >> NIS. Read a bit about it, but haven't had a chance to play with it just > >> yet. It sounds like a far more elegant solution for what you're looking > >> to do as well. Assuming it all works as advertised that is. > > > > The problem is that while it allows authentication, it doesn't integrate > > seamlessly allowing you to own files as a user that only exists in the > > ldap. > > Huh? Explain more please.. > > Eric -- "Always listen to experts. They'll tell you what can't be done, and why. Then do it." - Robert A. Heinlein
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305271222.53532.metrol>