Subject: Re: pseudo-shadowing of passwords with ypserv?
To: Chris Jones <cjones@rupert.honors.montana.edu>
From: Kevin P. Neal <kpneal@pobox.com>
List: tech-net
Date: 10/09/1998 12:39:33
At 09:44 AM 10/9/98 -0600, Chris Jones wrote:
>>>>>> "DH" == David Holland <dholland@cs.toronto.edu> writes:
>
>DH> Kerberos is far from an ideal solution itself.
>
>Yep, but it at least does one thing well: authentication. It's not
>easy to administer, it's not terribly easy for users to understand,
>and it doesn't handle administrative information (GECOS info,
>username, UID, etc.), but at least it manages authentication well.
>
>I've been thinking for a long time of designing something to take the
>place of yp, which could be installed alongside kerberos, but it seems
>a very daunting project.
Hesiod (alongside Kerberos).
Works at NCSU, handling over 50,000 user accounts. It piggybacks inside DNS.
They've got systems running as realm clients on machines as diverse as
SPARCstations, Dell NT boxes, Mac/PPC boxes, etc. It's pretty sweet.
Add AFS to the picture and you have a system where you can login just about
anywhere and your view looks pretty much the same.
--
Kevin P. Neal http://www.pobox.com/~kpn/
'You know, I think I can hear the machine screaming from here... \
"help me! hellpp meeeee!"' - Heather Flanagan, 14:52:23 Wed Jun 10 1998