Subject: Re: pseudo-shadowing of passwords with ypserv?
To: David Holland <dholland@cs.toronto.edu>
From: Keith Moore <moore@cs.utk.edu>
List: tech-security
Date: 10/08/1998 18:33:33

> rdist over ssh? It's not quite drop-in, but it's pretty easy to set up.
> (would be nice to get some out-of-the-box support for it though sometime.)

Copying the passwd file to all hosts doesn't scale very well
for even moderate numbers of users or hosts.  It's also a pain 
to keep all of the password files current in the presence of host 
and network failures, and to deal with each system's different
way of storing shadow password files.  And we'd still need
something like yppasswd (with something better than "privileged 
ports" for authentication) to let people change their passwords. 

> Nothing anyone does to YP will ever really be more than a bandaid.

Granted.  If I had the luxury of replacing all of the "login" programs
on all of the systems, I'd start with Kerberos and work up from there.
Meanwhile, a bandaid would do a lot to thwart this very common kind of
attack.

Keith