On Tue, Jul 10, 2001 at 07:20:00PM -0700, Blake Barnett wrote: > The reason you state for not wanting to use existing centralization schemes > is network dependancies. While this is certainly a valid concern, most > systems have addressed this by at least providing replication for the > service, so that servers can be placed at strategic points in your network > and provide a robust fallback mechanism. While I believe NIS does this I > would recommend using LDAP as both your authentication and information > source. (via pam-ldap & pam-nss). The replication is done very well in > LDAP and the referral system works well for falling back to other servers. > > If your WHOLE network goes down or you can't reach ANY of your replicas > you've got far more serious problems than just being able to login to your > boxes. You should always have root and a couple administrative logins which > ALWAYS reside in /etc/shadow for these situations anyway. > > As you said, it is a daunting task, and one which isn't really warranted > given the resources already available. Or you could just rsync the necessary files, which has some security issues. -- Share and Enjoy.
