Re: NFS issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Thanks for all the suggestions!  As this is for a simple home rollout  ldap and NIS are a little over the top.  If it were a big picture item I would definitely choose ldap.

I found in order for this to work I had to cp the /etc/passwd and /etc/group to the local machine that is connecting to the NFS server share.

Again thanks for all the info!

Dan

On 9/25/07, Ross S. W. Walker <rwalker@xxxxxxxxxxxxx> wrote:
Peter Arremann wrote:
>
> On Monday 24 September 2007, Steven Haigh wrote:
> > Quoting Dan <likuidkewl@xxxxxxxxx>:
> > NFS uses the user ID of the user (UID) for permissions. You
> will need
> > to have the correct permissions on each system, and the correct
> > username associated with the same UID on each machine.
> >
> > If you are running multiple systems, I would suggest
> looking into NIS.
> > This will allow you to create the accounts in NIS and have them use
> > the same details on each machine.
>
> Good answer but I can't agree on the NIS part.. NIS is plain
> text over the
> network and is deprecated for a long time. Sun is talking
> about dropping
> support, HP the same and even in the Linux camp there is some
> talk about
> taking NIS support out of the standard distributions.
> Add to that the fact that ldap is becoming easier and easier
> to set up, you
> should probably look that way...

NIS doesn't have to contain passwords, you can use Kerberos for
authentication and still use NIS for user information, if you are
worried about user names and uids going across in the clear you can
use NIS+ and TLS.

Improperly secured LDAP can have the same security issues as NIS.

I would use whichever method works best for you, NIS or LDAP. You will
find that a lot of the LDAP implementations are highly customized to
each site, so figuring out what to use and what not to use can be a
challenge, while NIS is pretty much standardized.

I would use Kerberos for passwords though irrespective of the choice
to use LDAP or NIS.

-Ross

______________________________________________________________________
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux