[941] in linux-security and linux-alert archive
[linux-security] Alternative to NIS
daemon@ATHENA.MIT.EDU (Eric M. Boyd)
Tue Jul 23 04:38:57 1996
Date: Mon, 22 Jul 1996 17:09:29 -0400 (EDT)
From: "Eric M. Boyd" <boyd@interdim.com>
To: linux-security@tarsier.cv.nrao.edu
Everywhere I look security wise, people say to stay away from NIS because
it's very insecure, and that NIS+ isn't much better. Does anyone have any
suggestions as to a replacement to use? I want to make sure my site is
secure, but it's really a hassle to individually add a user to each
machine, or ask a user to change their password on each machine they use.
Any suggestions?
[REW: NIS uses the "domainname" as a kind of password. Anybody from
the whole internet who knows this can access your password file. Take
care not to choose something like "my.dns.domain.name". What complicates
the issue is that it is broadcast over your ethernet segment during
normal operation.]
Eric Boyd
--------------------------------+----------------------------------------------
Eric Boyd (TSMA) | "It's easier to ask for
InterDimensions Corp. | forgiveness than for permission."
25 Ellery St. |
Cambridge Ma, 02138 | "640K ought to be enough for anybody."
617-661-4200 | -- Bill Gates, 1981
|
boyd@interdim.com |