[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NIS woes.. Ubuntu nis client doesn't ping Debian nis Server

On Tue, 18 Aug 2009, Jesús M. Navarro wrote:


PS:  You know that NIS is an unsecure protocol only to be used if you are
absolutly convinced you are tightly controlling all the clients that can
attach to the network, do you?


There are still good reasons to run NIS, and it can be done securely
(even without NIS+).   My setup has no passwords in the NIS maps -
authentication is handled via KRB, LDAP, or AFS (depending upon the OS and
level).  A user can't get any more information from ypcat/ypmatch than
they could from getent.  I actually populate NIS from LDAP.


The roughly equivalent to an AD-based Windows
network, security and functionality-wise, would be LDAP+Kerberos+NFSv4 (plus
a whole lot of other "minor" services like DNS, DHCP, automounters, cups,
puppet, a local CA, etc.).


Indeed, that is the basis of my work & home network - and I'll be
sticking with that instead of moving towards Samba 4.

--
Rick Nelson
Moonchild without an opinion? Satan is skating to work tomorrow!
		-- Brett Manz
Reply to: