Date: Thu, 02 Apr 1998 14:06:47 -0800 From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca> To: Tom <tom@uniserve.com> Cc: Charles Quarri <randy@hackerz.org>, stable@FreeBSD.ORG Subject: Re: Hesiod support on 2.2 Message-ID: <199804022207.OAA06621@passer.osg.gov.bc.ca> In-Reply-To: Your message of "Thu, 02 Apr 1998 10:43:45 PST." <Pine.BSF.3.96.980402104226.20064A-100000@shell.uniserve.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>
> On Thu, 2 Apr 1998, Charles Quarri wrote:
>
> > I am looking for a central management system like NIS without
> > the blatant security holes. I have heard that Hesiod can do this.
>
> All blatant security holes in NIS depend on how you configure it.
You can minimize NIS security holes by limiting which hosts have access
to your NIS ports.
Another approach I've used (on NIS+) is to put a * in the password
fields of the passwd map and use Kerberos V. In this case NIS would
serve hosts, services and other maps, and be used for UID to username
mapping while Kerberos would be used for user authentication.
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
UNIX Support OV/VM: BCSC02(CSCHUBER)
ITSD BITNET: CSCHUBER@BCSC02.BITNET
Government of BC Internet: cschuber@uumail.gov.bc.ca
Cy.Schubert@gems8.gov.bc.ca
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199804022207.OAA06621>