Date: Mon, 31 Jan 2000 14:55:04 -0500 (EST) From: spork <spork@super-g.com> To: Hugh Blandford <hugh@island.net.au> Cc: isp@freebsd.org Subject: Re: Centralized auth shell/pop/dial Message-ID: <Pine.BSF.4.00.10001311453240.19512-100000@super-g.inch.com> In-Reply-To: <002701bf695d$4e9dc260$088ea8c0@island.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Yes, I saw that thread, but it was simply a "I think you can do that"
response. Looking over the Kerberos FAQ I don't see any mention of this.
Still trying to get the "big picture" of just how Kerberos works.
If anyone is doing such a thing, I'd be very interested in the details...
I've turned up zilch on the mailing list searches so far.
Thanks,
---
Charles Sprickman
spork@super-g.com
---
"...there's no idea that's so good you can't
ruin it with a few well-placed idiots."
On Fri, 28 Jan 2000, Hugh Blandford wrote:
> Hi Charles,
>
> there was some suggestion that you could integrate NIS and Kerberos but I
> haven't been able to find any info on anyone who has done it. I would love
> to hear from people who have done this, especially if they got in running on
> sub-T1 WANs.
>
> Regards,
>
> Hugh
>
> ----- Original Message -----
> From: spork <spork@super-g.com>
> To: <freebsd-isp@FreeBSD.ORG>
> Sent: Friday, January 28, 2000 11:15 AM
> Subject: Centralized auth shell/pop/dial
>
>
> > Hello,
> >
> > I know this is something of a recurring question on this list, but here it
> > comes again, the one that all ISPs that reach a certain size they realize
> > they must come here and ask...
> >
> > What options exist to scale user management beyond a few boxes? I never
> > touched NIS, but it seems interesting. However, I refuse to run any
> > rpc-based service unless I really need to. We currently have users spread
> > out over a number of boxes; ftp/shell/www, pop/radius, pop for dedicated
> > line users. It's getting to be a mess, I want to control/create these
> > accounts on one machine.
> >
> > If someone like Matt (from BEST) could chime in on what their scheme was
> > as they grew to multiple shell/pop servers, I'd love to hear it.
> >
> > I'm open to stashing all the auth info in a database, one big password
> > file, anything. I'm also comfortable ssh-ing files around from box to
> > box...
> >
> > What is the status of things that could make NIS more secure like IPSec?
> > Where's LDAP going? Any news about 4.0 that could make distributed auth.
> > easier?
> >
> > Thanks,
> >
> > Charles
> >
> > ---
> > Charles Sprickman
> > spork@super-g.com
> > ---
> > "...there's no idea that's so good you can't
> > ruin it with a few well-placed idiots."
> >
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-isp" in the body of the message
> >
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-isp" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.00.10001311453240.19512-100000>