[CentOS] NIS or not?

Tue Jan 28 13:32:53 UTC 2014
Logan McNaughton <logan at bacoosta.com>

Where I work we use NIS + Kerberos (Active Directory). We have about 150
machines at our site. It works quite well, as someone said, the big draw
back to NIS is that it sends passwords insecurely, but if you use Kerberos
for authentication it's really quite easy to manage.
On Jan 28, 2014 6:23 AM, "Sorin Srbu" <Sorin.Srbu at orgfarm.uu.se> wrote:

> > -----Original Message-----
> > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> > Behalf Of Pete Geenhuizen
> > Sent: den 28 januari 2014 14:12
> > To: CentOS mailing list
> > Subject: Re: [CentOS] NIS or not?
> >
> > I used NIS for many years while working on Sun Solaris and it worked
> > extremely well, although when it breaks it can be a real challenge to
> > figure out the problems.
> > I don't know how well it's implemented in Linux, bound to be a bit
> > different than Solaris.  In either case if it's important be aware of
> > the potential security issues related to NIS, mainly the clear text
> > passing of the password which is what pretty much doomed it.
>
> Yeah, that last bit made me squirm over here. I don't feel good about that,
> even though the linux machines are all pretty much localized to one spot,
> so
> that hardly any traffic goes out of the department.
>
>
> > With all of that said I do think though that LDAP would be a better
> > solution although I've not used LDAP.
> >
> > Good luck with it either way.
>
> Thanks. I'll look into LDAP some more.
>
> //Sorin
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>