Re: centralised user authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Fri, Mar 26, 2010 at 9:41 AM,  <m.roth@xxxxxxxxx> wrote:

>> I'm new to centralized user authentication, and I want to learn how to
>> do it. I've heard that NIS is a deprecated technology, and that one
>> should favour LDAP over it. I'd be curious if someone could explain the
>> facts behind this (or even if it's true or not).
>
> NIS is *very* insecure and I *think* uses clear text (it was a kinder,
> gentler age). NIS+ is slightly better, but not a whole lot. LDAP is
> expecting encryption, at least SSL.

That's the heart of it... NIS was fine in a younger and more innocent
day :)  NIS+ was ostensibly more secure but was a pain to get quite
perfect. In many of the shops I visited that were using NIS+ there
were lots of misconfigurations that exposed more than planned.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux