An LDAP directory can have numerous advantages over NIS. For example:
* Strong mutual authentication of client machines and LDAP servers
* All network traffic and be encrypted (by mandate even) via SSL or TLS.
* A rouge root on client machines cannot access user data, collect
encrypted password strings for user accounts
* Shadow password functionality including aging can be used
I would like to encourage Linux sysadmins to "properly" and securely
setup LDAP directories as opposed to NIS.
What can be done to encourage this?
For starters, it would be nice to have a good generic LDAP directory
browser/editor that was SSL/TLS enabled. RHL7.3 shipped with a decent
one, GQ, but it was dropped.
The slick looking "directoryadministrator" can be used to administer an
Any have other ideas?
I'll have a follow up as well.
As long as we're having a general mailing list cleanup, would it make
sense to create a mailing list specifically for Red Hat Enterprise
Personally, I'd like to see it...
James Ralston, Information Technology
Software Engineering Institute
Carnegie Mellon University, Pittsburgh, PA, USA
For the last year or so I have been updating and installing additional
software for all my RedHat boxes using Freshrpms  and other apt
repositories like Fedora . I've also been using apt and yum with
One nice thing about this is that it allows mirrors to be used with the
updater -- is this something that RedHat might consider?
My other question is if there is no longer going to be boxed CDs for
sale perhaps it might be possible in the future for upgrading between
versions to work in a way that doesn't require CDs?
Chris Croome <chris(a)webarchitects.co.uk>
web design http://www.webarchitects.co.uk/
web content management http://mkdoc.com/
Now that we have four new lists made specifically for those interested in
the RHL project, it seems to me that some old lists could be
removed/merged to avoid confusion. redhat-devel-list and redhat-list stand
out as the obvious candidates for that. What do you think?
Now that Red Hat Linux appears to be a non-retail "product" with a much
shorter release cycle I am wondering about the following:
Is it Red Hat's plan to continue to produce security patches and other
errata for baseline Red Hat Linux releases for at least 12 months? (As
outlined for past releases on http://www.redhat.com/apps/support/errata/)