[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Network nirvana [Re: Since Fedora is not aimed at enterpise/business..]



On Wed, 1 Oct 2003, Owen Taylor wrote:

> That may be the case currently, but why does it have to be that
> way? What we are talking about is fundamentally pretty simple:
> 
>  - Central user database
>  - Single sign-on passwords
>  - Secure network exported home dirs 

There's your problem. Secure distributed single sign-on protocols (like
krb5) are NOT simple. Sure, more documentation is needed (there's only one
in-print Kerberos book, and it doesn't really say a whole lot, for example)
but documentation only gets you so far.... krb is inherently more involved
to set up or trouble-shoot than, say, NIS, and that's not really changeable
given krb's architecture (and any replacement protocol will likely have to
be just as complex, given everything a secure distributed authentication
protocol has to protect against).

later,
chris




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]