[sclug] Centralised Authentication
Matt
matt at bodgit-n-scarper.com
Mon Oct 31 16:25:58 UTC 2005
* Dickon Hood <sclug at splurge.fluff.org> [2005-10-31 15:35:51]:
> On Mon, Oct 31, 2005 at 15:31:33 +0000, Matt wrote:
> : * David Given <dg at cowlark.com> [2005-10-31 15:14:18]:
>
> : > One of the gnarliest hacks I ever perpetrated was setting up a distributed
> : > password system of a network of Linux-based terminals. What I did was to have
> : > the main server NFS export /etc/passwd; then I had each client mount it over
> : > the top of its own /etc/passwd as part of the boot procedure. (You can export
> : > single files in NFS.)
>
> Cute :-)
>
> : My eyes!
>
> : LDAP or NIS should be the easiest FSVO easiest. There are also PAM
> : modules for using things like MySQL databases or RADIUS servers.
>
> Not NIS. Really, not NIS. NIS isn't secure ('ypcat passwd'), and NIS+
> isn't much better.
Sure. I tend to replace the latter with the former too. But in its
defense it's fairly simple to set up, at least I don't remember it being
tricky.
Matt
--
"I know it's your T1 because our network guy teleported into the Baywatch
hub and checked it!"
"It's 'telnet' and 'Bay Networks'."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.tmdg.co.uk/pipermail/sclug/attachments/20051031/26ca0a55/attachment.bin
More information about the Sclug
mailing list