On 12/6/20 11:21 AM, Pete Biggs wrote: >> >> I found this: >> >> https://www.server-world.info/en/note?os=CentOS_8&p=nis&f=1 >> >> I've been told in the past that NIS should not be used because of some >> supposed security issues. >> >> Can someone site any authoritative documentation concerning the security >> issues extant in NIS? > > There's a lot of documentation out there. Basically YP/NIS transmits > everything over the network in plain text, including password hashes. > combined with no authentication/authorisation mechanism, out of the box > NIS will give your password hashes to anyone who asks for them. Clearly > once a username/password hash has been discovered, it's only a matter > of time before a password is found. > > NIS+ is very different in that it is much more security aware, but > consequently much more complex. > >> My plan is to set up NIS and NFS on my home network server where I plan >> to host all the local home network /home directories. I'll use >> automount on all the other nodes to mount up the home directories when a >> user logs on. >> > If you have a fully private network, then the security issues are not > so bad. It still has its place in things like clusters, but even then > it is being superseded by LDAP. If you are setting up a system from > scratch, then you really should be looking at using LDAP, it's not that > difficult and there are plenty of tools around to help you manage it > all. > > P. Okay, say I decide to go with LDAP and NFS. I'll be needing some hand holding to get it set up. Are you willing to walk me through this? I tried to set up 389 a while ago but ran into the nobody/nobody problem on the client computer that I could not solve. No help arrived then. I don't want a repeat of that. -- _ °v° /(_)\ ^ ^ Mark LaPierre ****