Re: Password Questions

From: Alan Peery (peery_at_io.com)
Date: 12/05/03

  • Next message: Jim Clarke: "re: Firewall Inquiry"
    Date: Fri, 05 Dec 2003 13:45:16 +0000
    To: Eric Scuccimarra <eric@quovad.com>
    
    

    Eric Scuccimarra wrote:

    > I have two RedHat 9 boxes. I want them to have the same users and
    > passwords. Can I copy the user, password and shadow password files
    > from one machine to the other or do they have some sort of built-in
    > encryption that will mess things up?

    What are the user files? If you're planning on copying home
    directories, this is bad strategy as people will be confused about which
    machine has which version of which file. Consider sharing files via
    NFS. You must keep user and group ids coordinated across the machines
    in this case.

    As far as /etc/passwd, /etc/group, and /etc/shadow I think you're fine.
    I've done this many times in the past, but I am not absolutely certain
    that noting specific per machine has been added to the handling of
    /etc/shadow. (Quick test--install two fresh machines, and "md5sum" the
    relevant files on each box.) Note that this will only scale to 4 or so
    boxes before it gets messy, and you'll need consider some form of
    centralized authentication. Depending on your security needs, NIS,
    LDAP, or something fancier.

    Alan

    --
    Alan Peery
    peery@io.com
    

  • Next message: Jim Clarke: "re: Firewall Inquiry"