[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: distributed login.conf

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: distributed login.conf
From: Chuck Yerkes <chuck+obsd_(_at_)_2003_(_dot_)_snew_(_dot_)_com>
Date: Wed, 17 Dec 2003 13:20:04 -0500

Quoting Antoine Jacoutot (ajacoutot_(_at_)_lphp_(_dot_)_org):
> I have a working setup for centralized authentication using
> NIS+Heimdal, and I was wondering if there was a way to distribute
> /etc/login.conf and /etc/login.conf.db to all my OpenBSD servers
> (using NIS if possible) ? I'm running OpenBSD-3.4-STABLE

NIS is too easily spoofable.  Especially when you go
between LANs (segments and such).
Push methods include rdist (+ ssh), rsync.

if they share a file system (/usr/local or whatever) a cron
job kicking off a script could run cfengine scripts;
it could run CVS or SUP to get login.conf and make to build it.

There have been several tools put out to keep machines in sync.
SUP, CVS, Depot, rdist and rsync are just a couple of the more
well known ones.

References:
- distributed login.conf
  - From: Antoine Jacoutot

Prev by Date: Re: Open Letter @ the developers of oBSD
Next by Date: Re: constant noise from pc-speaker due system bootup
Previous by thread: distributed login.conf
Next by thread: Re: distributed login.conf
Index(es):
- Date
- Thread

Visit your host, monkey.org