Date: Tue, 6 Oct 1998 08:31:23 -0400 (EDT) From: Troy Settle <rewt@i-Plus.net> To: Chris Shenton <chris@shenton.org> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: How to share accounts between mail/pop and web servers? Message-ID: <Pine.BSF.3.96.981006082608.12877A-100000@Radford.i-Plus.net> In-Reply-To: <87hfxiv0r9.fsf@absinthe.shenton.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5 Oct 1998, Chris Shenton wrote: > I'm supporting an ISP who's outgrown the single box we have running > WWW, FTP, SMTP, POP, and IMAP. It also does RADIUS authentication for > the dialup server. Accounts are created on this single box so the user > gets RADIUS authenticated against /etc/passwd, just as the FTP, POP, > IMAP stuff does. The normal "adduser" script is run to create > accounts. > > I plan to split into two boxes: one for WWW and FTP, the other for > SMTP, POP, and IMAP. Not sure where I'm gonna run RADIUS yet, maybe > on both for redundancy. Good plan > How would you securely and robustly mirror the /etc/passwd type of > information? > > I'm not keen on NIS, due to security concerns. In other situations, > I've used "rsync" over "ssh" with host key authentication and it's > worked well. I've never used it for /etc/passwd and I'm concerned > about stuff like failed updates or partial updates leaving the send-to > box with a corrupt /etc/passwd, preventing everyone (including root) > access. > > What have you used that works well for you? I skipped the rsync option, and went straight for scp and pwd_mkdb. This solution has worked rather well for the past year or so. -- Troy Settle <st@i-Plus.net> Network Administrator, iPlus Internet Services http://www.i-Plus.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981006082608.12877A-100000>