Re: How insecure is NIS ? Possible alternatives ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

> Am 26.03.2018 um 11:59 schrieb Nicolas Kovacs <info@xxxxxxxxxxxxx>:
> 
> Le 26/03/2018 à 10:28, isdtor a écrit :
>> In my opionion, there is a serious gap in this area. It's either NIS,
>> simple, easy to setup yet insecure, or LDAP/FreeIPA/RH Id management
>> server at a complexity at least one order of magnitude beyond NIS.
> 
> I gave FreeIPA a spin a while back. I installed it on a sandbox server,
> and from what I recall, it pulled in a tsunami of dependencies, and
> first thing it wanted to replace my Dnsmasq with BIND... so I didn't
> look much further.

Quite time ago we had a stripped setup here working only with Openldap and 
PAM modules. LDAP with replication for redundancy, centralized communication 
with local CA and over TLS. It worked very well. The successor of such setup 
is SSSD for EL7 but the above should be still a feasible solution.

--
LF




_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux