Re: multihost master.passwd sync

From: Andy Harrison (ah60_at_httpsite.com)
Date: 05/27/03

  • Next message: Michael Collette: "Re: multihost master.passwd sync" 
    Date: Tue, 27 May 2003 15:10:57 -0400 (EDT)
To: FreeBSD Security <FreeBSD-Security@FreeBSD.org>

    -----BEGIN PGP SIGNED MESSAGE-----

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    On 27-May-2003, Michael Collette wrote message "Re: multihost master.passwd
    sync"
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    > Why not just preconfigure SSH keys between the boxes and scp the file across?
    > Seems like a lot of extra work to bring PGP into the mix.

    Because we don't allow root login remotely, mandated from above.

    > Personally, I'm real curious about utilizing an LDAP backend to replace NIS.
    > Read a bit about it, but haven't had a chance to play with it just yet. It
    > sounds like a far more elegant solution for what you're looking to do as
    > well. Assuming it all works as advertised that is.

    The problem is that while it allows authentication, it doesn't integrate
    seamlessly allowing you to own files as a user that only exists in the ldap.

    ~~
    Andy Harrison
    ah##@httpsite.com
    ICQ: 123472 AIM/Y!: AHinMaine
    [full headers for details]

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 6.5.8

    iQCVAwUBPtO4P1PEkLgodAWVAQF15QQAsPRwL67UjAy3CxhhxT/qrYAnXgenJv2f
    p1gRYI+jsQQTjMhuK0F7wlP/tkEYq8ATUjGo2c/42Cv6TKhJju6Z+9ZrY/+rJ9D/
    GHwYuW1FE9cLbrEQZMHM5y0piHHGGvf6EX5EpIZQ3H5oKaO2vN+xSe+WQjAkp1Kv
    aARSDBzB0v8=
    =6jPd
    -----END PGP SIGNATURE-----
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Michael Collette: "Re: multihost master.passwd sync"

    Relevant Pages

    • Re: multihost master.passwd sync
      ... >>Why not just preconfigure SSH keys between the boxes and scp the file across? ... >>Seems like a lot of extra work to bring PGP into the mix. ...
      (FreeBSD-Security)
    • Re: Internet file transfers: SCP, SFTP, or PGP ?
      ... >> If you use PGP, don't use passwords, use public keys. ... It's not so clear how far SCP gets you ...
      (comp.security.ssh)
    • Re: Internet file transfers: SCP, SFTP, or PGP ?
      ... >> 3- PGP over FTP can leave a PGP password exposed on your FTP server ... > Your last sentence seems to imply that being "FTP server ready" means ... Is it overkill to use PGP and then transfer with SCP, ...
      (comp.security.ssh)