> > I found this: > > https://www.server-world.info/en/note?os=CentOS_8&p=nis&f=1 > > I've been told in the past that NIS should not be used because of some > supposed security issues. > > Can someone site any authoritative documentation concerning the security > issues extant in NIS? There's a lot of documentation out there. Basically YP/NIS transmits everything over the network in plain text, including password hashes. combined with no authentication/authorisation mechanism, out of the box NIS will give your password hashes to anyone who asks for them. Clearly once a username/password hash has been discovered, it's only a matter of time before a password is found. NIS+ is very different in that it is much more security aware, but consequently much more complex. > My plan is to set up NIS and NFS on my home network server where I plan > to host all the local home network /home directories. I'll use > automount on all the other nodes to mount up the home directories when a > user logs on. > If you have a fully private network, then the security issues are not so bad. It still has its place in things like clusters, but even then it is being superseded by LDAP. If you are setting up a system from scratch, then you really should be looking at using LDAP, it's not that difficult and there are plenty of tools around to help you manage it all. P. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos