Date: Mon, 11 Sep 2000 23:39:34 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: Drew Sanford <drew@planetwe.com> Cc: questions@FreeBSD.ORG Subject: Re: Passwords && loadbalancing && multiple machines (oh my) Message-ID: <20000911233934.K69158@149.211.6.64.reflexcom.com> In-Reply-To: <39BD16E9.E5D40A67@planetwe.com>; from drew@planetwe.com on Mon, Sep 11, 2000 at 12:31:21PM -0500 References: <39BD16E9.E5D40A67@planetwe.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 11, 2000 at 12:31:21PM -0500, Drew Sanford wrote: > I need to set up multiple computers to be aware of the same set of > users. I am aware that utilities exist to do this (NIS, Kerberos?) but I > have no experience with them, and was wondering what people out there > who have done this would recommend for the job. Is there something I > don't know about that's better than these two? What are the pros and > cons of them? Any help or advice is apreciated. NIS is easy to configure, run, not a lot of overhead, and is compatible with many other UNIX flavors. The drawback is the security... or the severe lack of it. If you are behind a firewall, have _tight_ control of your network, and are not too worried about malicious users, the security risk might be worth it. Kerberos is not easy to configure and requires more resources. if you are sharing between three machines, setting up a fourth to be the server might not be worth it. I have used Kerberized environments, but never built one from scratch. The plus: very strong security. But whereas NIS is very weak, Kerberos can be overkill. Finally, there is always the option of syncing your user info files manually. If there are few machines and user info does not change rapidly, your own custom system to sync files might be a more secure solution with little to no more than NIS. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000911233934.K69158>