Qi,
From my experience with NIS authentication , what you want is impossible. In the university where I work , we're slowly preparing the machines to use ldap authentication , as a security measure. We've had enough problems with NIS , as any user can ypcat passwd and get all passwords and maybe try to crack them. For this reason , we have a strict policy regarding passwords and we try to crack weak passwords weekly.
If you want security (at the expense of taking longer to configure the server) , I suggest you to use ldap. Fedora has a excelent support to ldap auth configuration (using redhat-config-authentication).
Pedro Macedo
From: "Qi Chen" <qi.chen@xxxxxxxxxxxx> To: <fedora-list@xxxxxxxxxx> Subject: Use shadow like password with NIS on Fedora Date: Fri, 26 Dec 2003 17:16:19 -0800 Reply-To: fedora-list@xxxxxxxxxx
I have just installed Fedora. I have configured NIS server/client ok. However, when I type command 'ypcat passwd', I can see the encrypted password in the output, which is no good and is not what I want. I would like to have no encrypted password showing up when I type command 'ypcat passwd'.
Then I changed the /etc/nsswitch.conf file with
passwd: compat shadow: compat
and modified /etc/ypserv.conf file as following:
# The following, when uncommented, will give you shadow like passwords. # Note that it will not work if you have slave NIS servers in your # network that do not run the same server as you.
# Host : Domain : Map : Security # * : * : passwd.byname : port * : * : passwd.byuid : port
I restarted ypserv and ypbind. However, the ypcat command still shows the shadow password. I am using ypserv-2.8.3 and glibc-2.3.2-101.
Do I miss anything? Please help if you know the answer.
-Qi
