[CentOS] NIS or not?
Sorin Srbu
Sorin.Srbu at orgfarm.uu.se
Wed Jan 29 08:11:32 UTC 2014
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Jeffrey Hass
> Sent: den 29 januari 2014 08:47
> To: CentOS mailing list
> Subject: Re: [CentOS] NIS or not?
>
> Hi friend -
>
> what is your end goal with this effort to obtain security with your
> nodes over the 'wire' -
>
> there are some other solutions -- kerberos is now used heavily by
> microsoft so that's enough to make me
> run for the hills... just saying..
>
> i've set up other solutions to be sure -- even against the blasted (not
> a real LDAP) AD.
>
> anyway.. just some thoughts... it's not trivial. any of the solutions, btw.
> not at all..
>
> j/h
> San Francisco/Holland/Saudi Arabia
Primarily to enable less administration in the long run with centralized
logins, instead of keeping each single client updated with respect to shadow,
passwd, bashrc, hosts and so on.
Some sort of encryption would probably be wise to use, as NIS uses clear text
passwords. I don't trust our university network that much, even though the
traffic should pretty localized.
I'm aware that setting up Kerberos probably will be a big project,
nevertheless, we must do something about the current mess. As I'm the single
sysadmin at the department, my time is finite. Automation is good, but as I
wrote before, regular bash-scripting (however powerful) will only take you so
far. 8-/
--
//Sorin
More information about the CentOS
mailing list