managing user accounts without NIS
Donald Becker
becker at scyld.com
Sun May 21 00:31:38 PDT 2000
On Sun, 21 May 2000, dwight wrote:
> Victor Ortega wrote:
>
> > NIS and NFS are insecure and incur performance penalties. I'm looking
> > for better alternatives. My idea of setuid-root wrappers (using rsync
> > for distribution of relevant files) already provides a more secure,
> > high-performance, high-availability alternative; I just want to make
> > sure that there isn't something better out there already, and that I'm
> > not overlooking some potential security hole.
>
> Just using rsync per se might well subject you to a man-in-the-middle
> attack, or a spoofing attack. ssh/scp would be a better tool.
An important element of Beowulf clusters is that they have a private,
protected internal network. There is no possible spoofing attack. 'Ssh'
imposes a large performance burden for its security.
Donald Becker becker at scyld.com
Scyld Computing Corporation
410 Severn Ave. Suite 210
Annapolis MD 21403
More information about the Beowulf
mailing list