Re: Password Questions
From: Alan Peery (peery_at_io.com)
Date: Fri, 05 Dec 2003 13:45:16 +0000 To: Eric Scuccimarra <email@example.com>
Eric Scuccimarra wrote:
> I have two RedHat 9 boxes. I want them to have the same users and
> passwords. Can I copy the user, password and shadow password files
> from one machine to the other or do they have some sort of built-in
> encryption that will mess things up?
What are the user files? If you're planning on copying home
directories, this is bad strategy as people will be confused about which
machine has which version of which file. Consider sharing files via
NFS. You must keep user and group ids coordinated across the machines
in this case.
As far as /etc/passwd, /etc/group, and /etc/shadow I think you're fine.
I've done this many times in the past, but I am not absolutely certain
that noting specific per machine has been added to the handling of
/etc/shadow. (Quick test--install two fresh machines, and "md5sum" the
relevant files on each box.) Note that this will only scale to 4 or so
boxes before it gets messy, and you'll need consider some form of
centralized authentication. Depending on your security needs, NIS,
LDAP, or something fancier.
-- Alan Peery firstname.lastname@example.org