From mboxrd@z Thu Jan 1 00:00:00 1970 From: Saint Neon Subject: RE: OT: password management Date: Wed, 8 Jan 2003 08:12:37 -0800 (PST) Sender: linux-admin-owner@vger.kernel.org Message-ID: <20030108161237.1896.qmail@web40804.mail.yahoo.com> References: <000601c2b72c$814f0a00$6501a8c0@frodo> Mime-Version: 1.0 Return-path: In-Reply-To: <000601c2b72c$814f0a00$6501a8c0@frodo> List-Id: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: "Alok K. Dhir" Cc: linux-admin@vger.kernel.org Sorry about the previous answer. :) Yep, I do think that PAM isnt directly affected by a distributed architecture, though, I have to say, that I will have to look up into how to go about doing it. Maybe you will have to write your own little shell script for it :( But I really think PAM can do it. The other solution to do this would be NIS(YP), or NIS+, as someone said before. But I am a little against it, because NIS has had its share of security problems. I looked up some websites, and this is what I have: for NIS and NIS+ HOWTO, http://www.ibiblio.org/mdw/HOWTO/NIS-HOWTO/ for NIS related security issues, http://www.eng.auburn.edu/users/doug/nis.html Take care that you will have to use utilities like yppasswd, ypchfn, ypchsh instead of their couterparts like passwd, chfn, chsh, because these things only affect files on local systems, and not over a network. They are required when distributing passwords over NIS(YP). Neon. P.S -> the previous link in kernel.org is not working.Sorry about that. --- "Alok K. Dhir" wrote: > Actually, PAM in itself doesn't have any bearing on > the architecture > being distributed or not - that is, you can easily > set PAM up to use an > LDAP or NIS back end, and it will use it. > __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com