Paladin <[EMAIL PROTECTED]> writes: > On 24 Jun 2002 15:01:47 -0500 > Ron Johnson <[EMAIL PROTECTED]> wrote: > >> I've heard that NIS isn't very robust. Might LDAP be a better >> choice? Or is there an important integration between NIS & NFS? > > Funny... I think I've heard something about NFS being kind of > "old"... I may be wrong though! :/ > > NIS & LDAP... I'm on the good track now! Thanks everyone! =)
In the "overkill" department, you might consider using Kerberos and AFS; this doesn't deal with distributing the contents of the /etc/passwd file (you'd probably need LDAP for that, something like Hesiod would *work* but you probably don't want it for new deployments). If you're dealing with significant numbers of users, AFS lets you do things like spread volumes out across servers and have actual authentication and ACLs; NFS "security" is a joke, and if you have just one NFS server, you're really hosed if it goes down... > BTW, what's more secure? Putting everything in the firewall PC or on > any other one that's inside the firewall? It's almost certainly easier to avoid publishing your NFS server to the world if you keep it inside the firewall and then tell the firewall to not forward NFS packets. (Though I've never actually tried to set this up.) It's also conceivable that network services that attempt to be clueful about network interfaces will get confused by living on the firewall machine, particularly if your setup is complicated. -- David Maze [EMAIL PROTECTED] http://people.debian.org/~dmaze/ "Theoretical politics is interesting. Politicking should be illegal." -- Abra Mitchell -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
