managing user accounts without NIS

Robert G. Brown rgb at
Tue May 23 11:26:21 PDT 2000

On Sun, 21 May 2000, dwight wrote:

> Victor Ortega wrote:
> > NIS and NFS are insecure and incur performance penalties.  I'm looking
> > for better alternatives.  My idea of setuid-root wrappers (using rsync
> > for distribution of relevant files) already provides a more secure,
> > high-performance, high-availability alternative; I just want to make
> > sure that there isn't something better out there already, and that I'm
> > not overlooking some potential security hole.
> Just using rsync per se might well subject you to a man-in-the-middle
> attack, or a spoofing attack. ssh/scp would be a better tool.

Right, if possible, always use rsync with ssh -- "rsync -e /usr/bin/ssh"
or set RSYNC_RSH to /usr/bin/ssh (or whatever it's path is) and then use
rsync normally.  There are also a few (mostly "bad") ways to give it a
passwd to use with the hosts.  One could so this better inside a /bin/sh
or perl script.


Robert G. Brown	             
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567  Fax: 919-660-2525     email:rgb at

More information about the Beowulf mailing list