Subject: Re: Centralized User and Password Management
To: Tillman Hodgson <tillman@seekingfire.com>
From: Pavel Cahyna <pavel.cahyna@st.cuni.cz>
List: netbsd-users
Date: 11/24/2004 17:03:41
On Wed, 24 Nov 2004 13:51:34 +0000, Tillman Hodgson wrote:
> On Tue, Nov 23, 2004 at 10:51:26PM -0600, Thomas T. Thai wrote:
>> I'm curious what people are using to centralize authentication and user,
>> password, and services management. What are your thoughts on each? I'm
>> aware of these Open Source solutions:
>>
>> - NIS (YP) - insecure
>> - Hesiod + Kerberos
>
> I tend to prefer Kerberos + NIS, with NIS run over an IPsec'd VLAN
That is interesting. How do you configure IPsec for NIS? I thought about
such solution also and it seemed almost impossible - doesn't the port
used by RPC services change unpredictably?
Bye Pavel