>>Although I haven't configured it myself, I think kerberos can be used for
>>central password database administration.  This supposedly provides a great
>>deal of security.  Perhaps someone else on the list can chime in here....

>Kerberos doesn't solve the password database problem.  Until recently, we
>were using AFS Kerberos; now we're using Kerberos 5.  In both cases we
>still use YP to distribute our password database.  Mind you, the password
[...]

The distribution-of-information side of Kerberos (of Project Athena,
actually) is Hesiod.  In my experience, it scales far larger, far more
easily, than YP.  It rides on top of BIND.

-----------------------------------------------------------------------------
  Michael L. VanLoon                           michaelv@MindBender.serv.net
        --<  Free your mind and your machine -- NetBSD free un*x  >--
    NetBSD working ports: 386+PC, Mac 68k, Amiga, Atari 68k, HP300, Sun3,
        Sun4/4c/4m, DEC MIPS, DEC Alpha, PC532, VAX, MVME68k, arm32...
    NetBSD ports in progress: PICA, others...
-----------------------------------------------------------------------------