[CentOS] How insecure is NIS ? Possible alternatives ?

Gordon Messmer gordon.messmer at gmail.com
Mon Mar 26 14:14:44 UTC 2018


On 03/26/2018 02:59 AM, Nicolas Kovacs wrote:
> I gave FreeIPA a spin a while back. I installed it on a sandbox server,
> and from what I recall, it pulled in a tsunami of dependencies, and
> first thing it wanted to replace my Dnsmasq with BIND... so I didn't
> look much further.


FreeIPA should be installed on its own server or VM, in which case its 
dependencies and what it replaces shouldn't be a cause for concern.  You 
can still run dnsmasq on a different host.  Use FreeIPA's DNS for the 
internal, private domain only.

FreeIPA takes all of one command to install, and one to set up. It 
provides a web UI for both administrative and end-user management of 
users, passwords, login and sudo policy, etc. Anything you find overly 
complex can simply be unused.




More information about the CentOS mailing list