[CentOS] NIS or not?

Wed Jan 29 08:11:32 UTC 2014
Sorin Srbu <Sorin.Srbu at orgfarm.uu.se>

> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Jeffrey Hass
> Sent: den 29 januari 2014 08:47
> To: CentOS mailing list
> Subject: Re: [CentOS] NIS or not?
>
> Hi friend -
>
> what is your end goal with this effort to obtain security with your
> nodes over the 'wire' -
>
> there are some other solutions -- kerberos is now used heavily by
> microsoft so that's enough to make me
> run for the hills... just saying..
>
> i've set up other solutions to be sure -- even against the blasted (not
> a real LDAP) AD.
>
> anyway.. just some thoughts... it's not trivial. any of the solutions, btw.
> not at all..
>
> j/h
> San Francisco/Holland/Saudi Arabia

Primarily to enable less administration in the long run with centralized 
logins, instead of keeping each single client updated with respect to shadow, 
passwd, bashrc, hosts and so on.

Some sort of encryption would probably be wise to use, as NIS uses clear text 
passwords. I don't trust our university network that much, even though the 
traffic should pretty localized.

I'm aware that setting up Kerberos probably will be a big project, 
nevertheless, we must do something about the current mess. As I'm the single 
sysadmin at the department, my time is finite. Automation is good, but as I 
wrote before, regular bash-scripting (however powerful) will only take you so 
far. 8-/
--
//Sorin