[rhn-users] NIS + security + rppasswdd

Raj Kumar rajkum2002 at rediffmail.com
Fri Feb 18 23:33:33 UTC 2005


  
Hello,

We are deploying NIS service on our network. The linux reference guide mentions about assigning static ports to ypserv and ypxfrd services. However, rppasswdd doesn't have static ports. But the system administrators shutdown all ports and open only specific ports needed for the service. since yppasswdd can use any port i cannot tell them a specific port to open. how does others handle this case?

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/s1-server-nis.html

Also, yppasswd seems to be inherently unsecure since it sends the password in plain text. The NIS how-to mentions about an alternative rppasswd. when instaling it configure script complains about missing "libnscd" (nscd-name service caching daemon) library. I did not find any nbcd-devel rpm on redhat to get rid of this error. Where can I download that. 

Are there any other best practices for NIS?

Thank you,
Raj
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/rhn-users/attachments/20050218/d1fda0a5/attachment.htm>


More information about the rhn-users mailing list