Network Login discuss
johnathan.bailes at gmail.com
Wed Jan 19 01:26:38 UTC 2005
On Tue, 18 Jan 2005 13:11:15 -0800, Nifty Hat Mitch
<mitch48 at sbcglobal.net> wrote:
> On Mon, Jan 17, 2005 at 12:37:16PM -0500, fly over wrote:
> > I have assigned a tough task on FC 3 platform. the prob
> > definition is to setup a Network Login n FC 3 using NIS , DNS and
> > NFS. I have 3 p cs small network all running FC 3. If i create
> > the user on a 1 pc and then create some files on the same pc,
> > then on other system i should have ability to login and all the
> > created file should be available there.
> Break this into three tasks.
> authentication (use NIS or perhaps LDAP)
> authentication and NIS is a security tangle
> do your homework. Make sure your firewall
> does the right thing or hackers can see stuff
> you do not want seen.
LDAP can be a pain to set up for authentication but might be worth the
trouble since it can be configured for better security. At least use
tcpwrappers and I have heard but never tried this:
At the very least take a look at RH's own docs.
> host name to IP address mapping (DNS, or NIS)
> it is possible to have NIS and DNS both
> provide host name/ IPaddress mapping
> make sure that: files, DNS, NIS all agree.
Uh, I would typically stick with just DNS but that is perhaps the cheap way out.
> file system and data sharing (use NFS).
> this may involve a data dir, applicatin dir and/or user
> home dirs. Make sure that only hosts you trust can mount
> these resources. UID control and other securtity concerns
> can matter.
Secure NFS via SSH tunneling or at least wrap that rascal with
tcpwrappers even if you are behind a good firewall.
What you have been handed is a great opportunity.
One that I myself have had handed to me a couple of times but usually
with bosses on my head to do a certain way.
Let me say that putting together a good dns server or file server
layout with nfs or samba is one of the simple joys of sysadmin'ing for
More information about the users