Re: password file syncing
From: Burak Bilen (bilen_at_metu.edu.tr)
Date: 01/27/04
- Previous message: Darren Tucker: "Re: SSH v3.7.1p2 gotcha: illegal user"
- In reply to: jim.horwath_at_rcn.com: "password file syncing"
- Next in thread: Caron, Jim: "RE: password file syncing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 27 Jan 2004 11:31:47 +0200 To: jim.horwath@rcn.com
Are your users allowed to change their passwords in the second server,
if so new password will be lost in the next update from the first
server, the same
thing applies to the user's shell. NIS is an alternative, but there are
some security drawbacks in NIS. LDAP and NIS+ are other possible
solutions, but I don't
think you want to go much further for just two servers. A better
approach will be keeping the user information in database and updating
two servers from the
database using sftp, but in this case you have to write your own passwd
and chsh programs in order to update the database. In the update period
it would be
better to close daemons(like sendmail) which depend on user/group
information.
Your solution seems reasonable as long as you let your users change
their password and shell only in the first server.
jim.horwath@rcn.com wrote:
>I have two servers I need to keep the passwd and group files
>in sync. I don't have access to an HA environment, as a
>poor man's solution I was thinking of using rsync or rdist
>over ssh to keep the password files in sync between two
>servers. Anybody have any experience either positive or
>negative doing something like this? Thanks in advance.
>
>Regards,
>Jim
>
>
- Previous message: Darren Tucker: "Re: SSH v3.7.1p2 gotcha: illegal user"
- In reply to: jim.horwath_at_rcn.com: "password file syncing"
- Next in thread: Caron, Jim: "RE: password file syncing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
