managing user accounts without NIS
dwight
dwight at supercomputer.org
Sun May 21 00:13:04 PDT 2000
Victor Ortega wrote:
> NIS and NFS are insecure and incur performance penalties. I'm looking
> for better alternatives. My idea of setuid-root wrappers (using rsync
> for distribution of relevant files) already provides a more secure,
> high-performance, high-availability alternative; I just want to make
> sure that there isn't something better out there already, and that I'm
> not overlooking some potential security hole.
Just using rsync per se might well subject you to a man-in-the-middle
attack, or a spoofing attack. ssh/scp would be a better tool.
Or just set up Kerberos and simply use it for authentication.
Best Regards,
-dwight-
---------------------------------------------------------------------------
The Beowulf Mailing list archives can now be searched by visiting:
http://www.supercomputer.org/Search/
The Calendar of Events in supercomputering can be found at:
http://www.supercomputer.org/calendar/
More information about the Beowulf
mailing list