NIS, shadow, and in-secure networks

To: tclug-list@mn-linux.org
Subject: NIS, shadow, and in-secure networks
From: Bob Tanner <tanner@real-time.com>
Date: Sun, 26 Sep 1999 16:20:10 -0500
Mail-Followup-To: tclug-list@mn-linux.org

NIS is great, except that the password floats across the network in its
encrypted form.

Is there a way to setup a secure connection between the NIS server and its
clients?

The HOWTOs recommend not sending shadow passwords across NIS, but to move the
passwords back into /etc/password, well, then anyone can snarf /etc/passwd and
start a brute attack on the password file.

Is there any was to get NIS working but NOT have the encrypted passwords in
/etc/password?

If possible, I'd rather send shadow across the network because snooping a
network is slightly more challenging then grabing /etc/passwd and brute
force attacking it.

-- 
Bob Tanner <tanner@real-time.com>       | Phone : (612)943-8700
http://www.real-time.com                | Fax   : (612)943-8500
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9

Follow-Ups:
- Re: [TCLUG:8633] NIS, shadow, and in-secure networks
  - From: Christopher Palmer <reid@pconline.com>

Prev by Date: Re: [TCLUG:8631] Installfest - logistics questions / followup classes?
Next by Date: Re: [TCLUG:8633] NIS, shadow, and in-secure networks
Prev by thread: Re: [TCLUG:8631] Installfest - logistics questions / followup classes?
Next by thread: Re: [TCLUG:8633] NIS, shadow, and in-secure networks
Index(es):
- Date
- Thread