[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NIS/something equivalent + security

On Sun, Dec 20, 1998 at 01:02:20PM +0000, Pere Camps wrote:
> 	Ok. I didn't know you could make NIS only to listen requests from
> specific machines. I guess passwords are sent clear-text, but then, we're
> supposed to have an intelligent concentrator/hub so the machines only
> receive packets for their own IPs.

No they aren't sent clear text. IIRC, the client machine asks for the
encrypted password from the server, if the client is allowed to get it
the server sends it, then the client compares the encrypted password
with the one it was given by the user (ie. the same as it would
normally do if there were not NIS). The clear text password entered by
the user is not sent anywhere by the NIS client.

--
-----    -- - -------- --------- ----  -------  -----  - - ---   --------
Ben Collins <b.m.collins@larc.nasa.gov>                  Debian GNU/Linux
UnixGroup Admin - Jordan Systems Inc.                 bcollins@debian.org
------ -- ----- - - -------   ------- -- The Choice of the GNU Generation
Reply to: