Re: NIS
Adam C Powell IV <hazelsct@mit.edu> writes:
> Ramin Motakef wrote:
>
> > Hi!
> > Don´t know if this is our problem, but after a recent ubgrade of a
> > slink box the +::: entryies in /etc/passwd and /etc/group on this box
> > where missing.
> >
> > I didnt notice this at first, as i was logged in as root, so i dont
> > know which package caused this (base-passwd??).
> >
> > Anyway, editing /etc/passwd and /etc/group solved the problems with
> > nis for me.
>
> Thanks very much, that was the first thing I checked. The plus
> entries are still there, on
> the master and the client.
>
> With the new NIS, do I have to put such entries in /etc/shadow and
> /etc/gshadow too? How
> does this relate to the doc section "restricting access to the NIS
> server"? Do I put those
> in in the same way? Didn't have to with the old NIS...
>
> Zeen,
>
> -Adam P.
>
You have to put the +:: Entries in /etc/shadow if you use
shadow-passwords on the clients. I don´t know anything about hshadow,
as i dont use passwd-protected groups. So one possibility is to run
"shadowconfig off" on the clients, the other is to enter +:: in
/etc/shadow (as much :´s as in the other lines....).
I think "restricting access to the NIS server" refers to the using of
NIS for validation on the server. If you leave out the *:: on the
server, it doesn´t use NIS for authentication.
Ramin
PS.: I´am not a security expert and am not sure if using shadow
passwords with nis is safer then "traditional passwords".
Reply to:
- References:
- Re: NIS
- From: Adam C Powell IV <hazelsct@mit.edu>
- Re: NIS
- From: Adam C Powell IV <hazelsct@mit.edu>
- Re: NIS
- From: Ramin Motakef <ramin@uni-oldenburg.de>
- Re: NIS
- From: Adam C Powell IV <hazelsct@mit.edu>