Summary: Secure NIS maps?

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: <rob.naccarato_at_sheridanc.on.ca>
Date: Mon, 12 Feb 1996 10:53:38 -0500

I guess the best way to deal with this is with the Enhanced Security option.

Thanks to the following for their responses:

Andy Phillips <atp_at_mssly1.mssl.ucl.ac.uk>
Jim Belonis <belonis_at_dirac.phys.washington.edu>
Spider Boardman <spider_at_orb.nashua.nh.us>

----
Andy Phillips:
	Use C2 security. (Enhanced Security). This only allows users 
    to ypcat the encrypted password information for their own account.
----
Jim Belonis:
No.  Then it is not useful NIS.
You might as well turn off your passwd map entirely since the requesting
machine can't get the passwd entry.
If you want security, use some other protocol entirely.
Belonis
----
Spider Boardman:
That is part of what is offered in Digital UNIX with ENHANCED
security and NIS-shared prpasswd data.  (In effect, anyway, and
if you can deal with the constraints on when it's usable.)  You
have to be root (effective UID of 0) to get the prpasswd map
data.  Otherwise, despite asking for prpasswd, you get
prpasswd_nonsecure, which doesn't have the passwords.
----
-- 
Rob Naccarato
rob.naccarato_at_sheridanc.on.ca

Received on Mon Feb 12 1996 - 17:44:54 NZDT

This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:46 NZDT